As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024.If you missed the talk, here is the blog post:. Slides:. Enjoy and find your own bugs 😎.

RT @dillon_franke: I lightly mentioned CVE-2025-31235, a double-free I found in coreaudiod/CoreAudio, during my OffensiveCon presentation l….

RT @theevilbit: My "Finding Vulnerabilities in Apple Packages at Scale" talk is up on YT 🎉.

RT @08Tc3wBB: Woah, @WangTielei talk “Sending Me Your IOUserClients: A Bypass to Immovable Ports” at @deepsec_cc was insanely good! I enjoy….

RT @patrickwardle: Stoked for Jaron Bradley's soon to be released 2nd-book: "Threat Hunting macOS" 😍📚 (And was honored to write its forward….

RT @dfsec_com: Our new blog post is live:

RT @ifsecure: The slides for my OffensiveCon talk "Finding and Exploiting 20-year-old bugs in Web Browsers"

RT @dillon_franke: Thrilled to announce my new Project Zero blog post is LIVE! 🎉 I detail my knowledge-driven fuzzing process to find sandb….

RT @ProjectZeroBugs: XNU VM_BEHAVIOR_ZERO_WIRED_PAGES behavior allows writing to read-only pages

RT @OligoSecurity: Oligo Security researchers uncovered critical vulnerabilities in Apple's AirPlay protocol, affecting billions of devices….

Exploit to escape the app sandbox:.1. Drop the exploit.aar from a sandboxed app.2. open exploit.aar (quarantined).3. open from $TMPDIR.4. open ~/Downloads/poc.app (not quarantined).(Step 3 is killed on the latest macOS, but should work on Sonoma).

RT @ale_sp_brazil: Technical analysis of CVE-2025-31201: reverse engineering the diff between iOS 18.4 and 18.4.1 to study the changes made….

RT @deepsec_cc: [Official Announcement]: 2025 IS COMING!!!. This is a community-driven, non-profit information secu….

I got 14 new Apple CVEs in this release😎

RT @patrickwardle: Apple will (finally!) bring TCC events to Endpoint Security in macOS 15.4 🥳. I've just posted "TCCing is Believing" whic….

RT @i41nbeer: My writeup of the 2023 NSO in-the-wild iOS zero-click BLASTDOOR webp exploit: Blasting Past Webp -.

RT @wtsdev: It's here. My write-up for CVE-2024-54471. Enjoy :).

RT @theevilbit: Apple says that the bounty for a vuln which has an LPE+Full TCC bypass impact is the same as a full TCC bypass alone, becau….

RT @alfiecg_dev: I've just published a new blog post detailing how I developed a deterministic kernel exploit for iOS. Enjoy!. https://t.co/….

RT @objective_see: Stoked to announce 'Objective by the Sea' v8.0! . the world's only dedicated 🍏-security conference!. #OBTS v8.0:.📍 Ibi….

RT @j_duffy01: 🚀 Technical Analysis! Just published my analysis of how a faulty GIF leads to a DoS condition in Apple’s iWork Suite on macO….