A severe programming error has been discovered in Apple’s latest macOS High Sierra 10.13 that exposes passwords of encrypted Apple File System (APFS) volumes in plain text. The vulnerability affects encrypted volumes using APFS (Apple File System) and other all-flash storage devices. Mac users can install update from the Mac App Store or download it from the Apple’s Software site. Ex-NSA hacker Patrick Wardle publicly disclosed details of a separate critical vulnerability that allows installed apps to steal passwords and secret data from the system.
Source: https://thehackernews.com/2017/10/macos-high-sierra-apfs-password.html