XCSSET Malware targets macOS by infecting Xcode developer projects

From hackread.com

Newly discovered malware by Trend Micro targets the macOS system by spreading via Xcode developer projects. Researchers explain the exploit as ‘two zero-day vulnerabilities’ wherein, the first one steals cookies through a flaw in the data vaults behavior and the second one abuses the development version of the Safari browser.

The malware named XCSSET has the ability to steal sensitive information and also launch ransomware attacks. It does this by abusing pre-installed Safari and other browsers to steal victims’ data.

Read more…