Apple 0-Day allows hackers to mimic mouse-clicks to allow malicious behavior on Mac OS Mojave, despite mitigations. A researcher has revealed a zero-day flaw in Apple s Mojave operating system tied to the way the OS verifies apps. The attack ultimately allows for an attacker to trigger synthetic mouse clicks on Mojave that, unknown to the end user, approve malicious behaviors. Because Apple trusts VLC media player, the adversary can manipulate the application’s code to perform a malicious act.
Source: https://threatpost.com/macos-zero-day-malicious-code/145259/