A zero-day software vulnerability discovered deep in the firmware of many Apple computers could, potentially gaining complete control of the victim’s Mac. The vulnerability, discovered by OS X security researcher Pedro Vilaca, affects Mac computers shipped before mid-2014 that are allowed to go into sleep mode. Vilaca found that the machine’s UEFI code can be unlocked after a computer is put to sleep and then brought back up. With the help of various vulnerabilities regularly found in Safari and other Web browsers, it is possible for an attacker to install a rootkit, a malware type that is hard to remove.
Source: https://thehackernews.com/2015/06/mac-osx-rootkit-malware.html