If you are interested in expanding your knowledge about #iOS #application #security, be sure to check the iASE Course at: https://t.co/HVFMSp41su.    Here's a quick video about the content of the course 👇

Short post about LPE and TCC Bypass on macOS through third-party apps bundled with Sparkle framework - a reminder of why XPC services should validate their clients. https://t.co/uymrg3U72K

Binary Ninja plugins I developed during my XProtect Remediator research are now available in the Binary Ninja Plugin Manager! - Swift Analyzer - XProtect Remediator Analyzer - Missing Link Many thanks to @vector35 for suggesting it!

“I've taken that same anointing upon Ronald, speaking of Ronald Reagan, and I've put it upon my Donald .” @TheElijahList @ElijahStreamsTV

At #OBTS, Wojciech (@_r3ggi) from @SecuRingPL cleverly exposed different flaws in macOS location services, side-channels, leaky apps, and how attackers can track you without zero-days — and gave tips on how defenders can fight back.

🍹 Day 2 — Evening wrap (six talks, brains buzzing) #OBTS 🍏 – 🧪 Beyond Static Labels — behavior-first grayware: deception • persistence • monetization • consent • payload; Adload (2016–2025) proves stickers lie, behavior tells. Rousana Charles – 🧭 Who Cares Where Waldo Is

@iamevltwin @stuartjash @birchb0y @HuntressLabs A look at TCC with @_r3ggi #OBTS

I do feel cooked about my Mac OS location after @_r3ggi talk on Objective by the Sea in Ibiza Thanks for amazing presentation

🧭 LOST & FOUND (After-talk): Where’s Waldo on macOS? Wojciech Regula @_r3ggi — a mainstay and crowd favorite — just proved Waldo isn’t hiding… he’s cached. 📍 • Location Services = its own privacy subsystem, yet the location DB seams + side-channels can turn “non-precise”

🧭 Turn-by-turn to “Waldo” (macOS edition) Start at Privacy Framework Blvd. ➜ take a right on Location DB Lane (weak gates) ➜ cruise past Side-Channel Ave. (non-precise turns precise) ➜ arrive at “yep, we found you” 📍 Wojciech Regula @_r3ggi — an #OBTS 🍏 consistent

At #OBTS this week — always excited to connect with fellow security professionals. If you want to chat about macOS or iOS application security / pentests, find me around the sessions or reach out here!

This analysis was brought to you by the ipsw and ghidriff toolchain, plus some AI glue. I'll be dropping all the new research on automating Apple patch analysis at my talk "Reverse Engineering Apple Security Updates" at OBTS v8. Stop guessing, start knowing! #OBTSv8

For those missing the talk, Blog: https://t.co/XBvFMbsfi0 Slides:

New Blog: CVE-2025-24103 : General TCC Bypass https://t.co/8pBcq889at

Very interesting macOS SBX

Apple fixed 4 my vulnerabilities in macOS 15.4 ( https://t.co/jHkJ9SOPhZ). I believe that the libnetcore and Quick Look issues will also have CVEs assigned as they are not informative severity issues (e.g. full iOS/macOS parental control bypass). 🍎🔐

My full TCC bypass fixed 2 years ago finally has a CVE 😁 https://t.co/kCNFYvYxcr

special thanks to @_r3ggi for their previous work in this space. it really helped me a lot!

🧐

I'm considering taking a month off to write a filesystem training for #OBTS. Are any of you guys interested in that?

OBTS v7 "Broken isolation: Draining your Credentials from Popular macOS Password Managers" by @_r3ggi Workstation compromise -> game over. https://t.co/xRDeMNos2z

🧐