Researcher claims Claude Desktop installs “spyware” on macOS

Security researcher Alexander Hanff wrote an article titled Anthropic secretly installs spyware when you install Claude Desktop. Claims like that are bound to create two sides, so we searched for an official rebuttal by Anthropic. But we couldn’t find one. It would surprise me very much if they’d...

CVE-2022-49813

creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

CVE-2022-50378

creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

PT-2025-04: Partial Denial of Service (DoS) in Mobile Security Framework (MobSF)

The vulnerability was identified in Mobile Security Framework MobSF , versions 4.3.0. The discovered vulnerability allows an attacker to modify the Info.plist file and add special characters to the bundle identifier, resulting in a denial of service 500 error of the application. Vulnerability...

CVE-2025-24804 Partial Denial of Service (DoS) in MobSF

Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework. According to Apple's documentation for bundle ID's, it must contain only alphanumeric characters A–Z, a–z, and 0–9, hyphens -, and...

PT-2025-5746 · Unknown · Mobile Security Framework

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 4.3.1 Description: The issue arises when an attacker manually modifies the CFBundleIdentifier value in the Info.plist file by adding special characters, which are not allowed according to...

PT-2025-5745

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 4.3.1 Description: The issue concerns a stored cross-site scripting XSS vulnerability in the iOS Dynamic Analyzer functionality of the Mobile Security Framework MobSF. According to Apple's...

CVE-2024-10467

creationtimestamp| type| source ---|---|--- 2024-10-29 21:37:34+00:00| seen| https://vulnerability.circl.lu/bundle/182792b2-c649-42b2-8ec1-3ec1cf492060...

CVE-2022-48863

creationtimestamp| type| source ---|---|--- 2024-07-16 16:16:51+00:00| seen| https://t.me/cvedetector/954 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

PT-2023-25715 · Sentry · Sentry

Name of the Vulnerable Software and Affected Versions: Sentry versions 8.21.0 through 23.5.1 Description: An authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID, without needing to be a member of the organization or having...

TAU Threat Intelligence Notification – WindTail (OSX)

Summary Dark Matter researcher Taha Karim recently presented his research on the APT group WindShift at Hack in the Box Singapore. This group primarily focuses on highly targeted campaigns directed toward Middle Eastern government and commercial entities. One of the custom macOS backdoors employe...

MACOS: Need to whitelist Citrix Workspace Kernel Extensions - need Team ID and Bundle ID

Need to whitelist Citrix Workspace Kernel Extensions - need Team ID and Bundle Identifier to load into macOS MDM provider...