http://www.washingtonpost.com/blogs/the-switch/wp/2017/09/26/how-worried-you-should-be-about-the-security-flaw-in-apples-new-macos/

Apple has acknowledged a reported security flaw with its latest free macOS update, High Sierra, which was released for download Monday.

As outlined over at Forbes, security researcher Patrick Wardle published evidence that it's possible for programs not approved by Apple to pick up passwords stored in a Mac's “keychain” — the place that stores passwords you've asked Apple to remember for you. There's no evidence that anyone has used this attack, but it is a bit of a bruise on the launch.