Recently theres been a new exploit going around where malicious files can be executed automatically via the "Open "safe" files after downloading" setting in Safari.
I've created a plist that completely disables the option that can be deployed via Jamf. If anyone is interested in using it, feel free to view / download here: https://github.com/GN/Disable-Open-Safe-Files-After-Downloading-Plist-MacOS-Jamf
