A zero-day vulnerability (CVE-2021-30713) in the latest macOS was exploited by XCSSET malware which allows an attacker
to bypass the Transparency Consent and Control (TCC) framework and gives unauthorized access to the microphone,
webcam, recording the screen, or even taking screenshots on infected Macs without prompting for user approval .The
MITRE technique used by the adversary is T1222.
https://hivepro.com/wp-content/uploads/ ... 202114.pdf