Imagine the havoc a sophisticated threat actor could wreak by tricking a user into downloading and executing malicious code that current security products deem safe. The attacker could gain access to personal data, financial details, or sensitive insider information. That scenario is precisely what could happen, based on new research published today by Okta’s Research and Exploitation Team (REX). Okta REX has discovered a vulnerability in what is known as ‘code signing’ that effectively allows any bad actor to impersonate Apple and lets malicious code live undetected on a macOS machine indefinitely (or at least until the machine is re-imaged or the offending file is removed).

Today 91% of enterprises use Macs and depend on vendors like Carbon Black, Facebook, and Google to provide them with security tools to protect their environments. That trend is growing every year. People and businesses use Macs for many reasons; ease of use and security are.