Vulnerability found with MacKeeper


Security researcher Braden Thomas has discovered a serious flaw in the way MacKeeper handles custom URLs that allows arbitrary commands to be run as root with little to no user interaction required.

My impression of MacKeeper is that it's basically garbage, but now there's a valid reason to not use it.