* expands to all the files in the current working directory, as can be seen with: echo *
if you just run: * then you will be running the first file of them. *But* if you have a program that allows to provide an arbitrary "*" as the first command parameter, it would allow inserting the name of other unwanted programs, too. Which is more concerning.
