Researchers are warning users about the Coldroot remote access Trojan that is going undetected by AV engines and targets MacOS computers.

An insecure Apple authorization API is used by numerous popular third-party application installers and can be abused by attackers ro run code as root.

System Integrity Protection (SIP) was implemented in OS X El Capitan and imposes limitations on what actions that Mac computers’ root accounts can take against protected paths of the operating system. Yesterday at the SysCan360 conference in Singapore, a researcher from SentinelOne disclosed details of a vulnerability that was patched by Apple this week only...