A zero-day vulnerability (CVE-2021-30713) that allowed XCSSET malware to surreptitiously take screenshots of the victim’s desktop has been fixed by Apple on macOS 11.4 (Big Sur) on Monday.
The XCSSET malware and its CVE-2021-30713 exploitation
Discovered in August 2021 by Trend Micro researchers, XCSSET is effectively trojan spyware that can grab user data from Safari and other installed browsers, read Safari cookies, inject JavaScript backdoors onto websites, grab information from a variety of apps (Evernote, Telegram, WeChat, etc.), capture screenshots of the user’s screen, and more.
The malware is written in AppleScript – a scripting language developed by Apple – that facilitates control over script-enabled Mac applications.
It was previously discovered that XCSSET used a zero-day exploit to steal ..
Support the originator by clicking the read the rest link below.
 - Help Net Security){kind=link}