A years-old vulnerability has been discovered in the way several security products for Mac implement Apple's code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers.
Josh Pitts, a researcher from security firm Okta, discovered that several third-party security products for Mac—including