If you've used a Mac running OS X Mountain Lion or later, you're well-acquainted with Gatekeeper: it's the security measure that prevents unsigned apps from running unless you want them to. Unfortunately, it turns out that this first line of defense isn't quite as secure as it's supposed to be. Synack security researcher Patrick Wardle has discovered a flaw that lets malware get around Gatekeeper and do what it wants with your system. The trick 'hijacks' a signed app to pretend that it's legit, and uses clever file packaging to launch hostile code once OS X declares the host app safe. Wardle only used one app in a proof of concept demonstration, but other apps should work. You could even use malicious plugins (say, Photoshop add-ons) to bypass Gatekeeper.

http://www.engadget.com/2015/09/30/m...eeper-exploit/