The authors of the Mac malware known as Shlayer have successfully managed to get their malicious payloads through Apple’s automated notarizing process. Shlayer was first spotted by Intego’s research team while being distributed as part of a malware campaign in February 2018, disguised as a fake Adobe Flash Player installer. Since February 2020 all Mac software distributed outside of its Mac App Store must be notarized by Apple to be able to run on macOS Catalina and above. Apple’s notarization process requires developers to submit software they built for the Mac platform to be scanned through an automated system designed to scan submitted software for malicious components and code-signing issues.
Source: https://www.bleepingcomputer.com/news/security/malware-authors-trick-apple-into-trusting-malicious-shlayer-apps/