Apple patched a zero-day vulnerability tracked as CVE-2021-30869 in the macOS for Catalina, Big Sur 11.2 and Mojave, iOS 12.5.5, on Sept. 23. The vulnerability was originally patched on Jan. 5, 2021, months before the discovery of this campaign. The payload is then run on the victim’s machine through launchctl, a service management framework for the Mac OS operating system. Google and Apple have not attributed this campaign to any of the known threat actors, but analyzing the quality of the payload code used during the campaign, the threat actor(s) are “likely state-backed””]
Source: https://www.govinfosecurity.com/mac-zero-day-alert-watering-hole-attacks-in-wild-a-17909