Keychain is a built-in password manager for macOS. It houses passwords, encryption keys, and certificates from a wide range of sources including websites, apps, and attached hardware. Using a software tool he created called “KeySteal,” Henze can access all the passwords on a Mac’s keychain with one click.
He says that the exploit is similar to Patrick Wardle’s 2017 “KeychainStealer,” but whereas Apple has patched that vulnerability, this one is still wide open. According to Henze, the program works without administrative privileges or root passwords. It also works with the macOS login and system keychains.