Scam Guard for desktop: A second set of eyes for suspicious moments

Scams aren’t so obvious anymore. They're well-written, have working grammar, and can lead victims to very convincing branded webpages. Scammers increasingly use AI tools to clone sites and create highly sophisticated scams at scale, so don't expect to rely on spotting obvious typos anymore. That’...

CVE-2025-3651

CVE-2025-3651 concerns iManage Work Desktop for Mac. Affected: Work Desktop for Mac versions 10.8.1.46 and earlier. Root cause: improper verification of the source of a communication channel in the Agent service, enabling arbitrary command execution via unauthorized access. Impact: attacker can r...

Chatwork Desktop Application (Mac) vulnerable to code injection

Overview Chatwork Desktop Application Mac provided by Chatwork Co., Ltd. contains a code injection vulnerability CWE-94. Koh M. Nakagawa of FFRI Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

Evernote: One Click Code Execution via File

This issue was reported to Evernote by @ajdumanhug and fixed in November 2019. This disclosure is a copy of the original, and is for historical purposes only. Overview The Open with Terminal functional is vulnerable to One Click Code Execution. Tested the vulnerability using the Mac Desktop App...

CVE-2017-14586

The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Hipchat for Mac desktop clients at or above version 4.0 and before version 4.30 are affected by this vulnerability...