So the CVE-2020-11470 is back. “This effectively disables code signature verification for its dynamic libraries and enables a code injection attack that Wardle calls “dylib proxying”. It’s not clear why Zoom uses this exception since its own libraries appear to be properly signed.” https://www.csoonline.com/article/3535789/weakness-in-zoom-for-macos-allows-local-attackers-to-hijack-camera-and-microphone.amp.html Check latest pkg with Suspicious Package [0] analyzer. [0] https://www.mothersruin.com/software/SuspiciousPackage/ Story Published at: August 14, 2022 […]