1. Tailscale macOS XPC Service 'Downloader' Exposed: Missing Client Validation Allows Local App Access
A critical security flaw has been identified in the Tailscale macOS application, exposing an internal XPC service to any local program. The service, named "Downloader," lacks the mandatory `SMAuthorizedClients` validation, effectively removing the authentication barrier. This omission allows any application running on ...