Malware is being used in Apple’s Xcode toolkit. XcodeSpy is a variant of the known EggShell malware. The malware installs a user LaunchAgent for persistence and is able to record information from the victim s microphone, camera and keyboard. Attackers have previously used Xcode as an initial attack vector to target Apple platform developers, researchers say. The latest attack is a short-term attack on Apple’s software software, not just software, but also a threat to the public.
Source: https://threatpost.com/xcode-macos-malware-apple-developers/164897/