Researchers Warn macOS textutil, KeePassXC Can Fuel Automation Attacks

Researchers warn that trusted tools like macOS’s textutil and KeePassXC can be exploited in automation attacks by manipulating their normal functions. Textutil can be tricked into making network requests when processing specially crafted HTML, potentially leading to SSRF-style risks, while KeePassXC can be bogged down by files with excessively high KDF settings, causing denial-of-service conditions.