A new macOS vulnerability could allow a malicious actor to evade an operating system’s Transparency, Consent, and Control (TCC) technology, providing the attacker with unauthorized access to a legitimate user’s protected information. The vulnerability, dubbed HM Surf, removes TCC protection in the directory for the Safari browser.
Source: Security Magazine