Mac app iTerm2 received a security fix minutes ago for a severe security issue that leaked terminal content via DNS requests. Version 3.1.1 disables a feature that was added in iTerm 2.0.0 and was turned on by default. Users hovering their mouse over passwords, API keys, usernames, or other sensitive content, would unknowingly leak this information. The issue was first discovered ten months ago and was first reported by PowerDNS, a supplier of open-source DNS software.
Source: https://www.bleepingcomputer.com/news/security/iterm2-leaks-everything-you-hover-in-your-terminal-via-dns-requests/