🎉 My submission for Black Hat USA (@BlackHatEvents #BHUSA) has been accepted!. I will talk about reverse engineering results of XProtect Remediator (XPR). XPR doesn’t just scan files using YARA rules and delete malware — it does a lot more! It uses a creative mechanism that

I'm heading to Vegas. See you at the venue! #BHUSA

RT @theevilbit: Apple failed to fix this so many times. I first reported this back in macOS Big Sur, and it's literally detailed in my EXP-….

My dream came true!.My submission for #OBTS has been accepted! I’ll be talking about the internals of XProtect Remediator, including its detection logic and the DSL implemented using Swift result builders. To be honest, there are many veteran researchers on the list, so I’m.

RT @objective_see: 📢 Just dropped: the full #OBTS v8 talk lineup! And for the first time we'll have 3 full days of….

The abstract of this talk is here.

My submission for #NullconBerlin2025 has been accepted! I will talk about the details of CVE-2025-24204, which breaks process isolation on macOS.

RT @patrickwardle: ⏳ Just one week left to submit your talk to #OBTS v8 .(CFP closes June 30th). We’ve expanded to….

RT @karmaz95: Think RAM forgets? 🤔 Not always. See how secrets can leak, what mitigations exist on major OS like #macOS, #Windows, #Linux,….

RT @MacDevOpsYVR: 🥰 Thanks for an awesome talk @theevilbit on finding vulnerabilities in Apple packages at scale (using AI) at MDO YVR 2025….

RT @PhorionTech: Introducing Phorion. A modern EDR platform purpose-built for macOS. Because security teams shouldn’t have to settle for Wi….

RT @theevilbit: My "Finding Vulnerabilities in Apple Packages at Scale" talk is up on YT 🎉.

RT @jbradley89: My next book is open for pre-orders!!!. I have included the first two chapters in audiobook form for free. You can listen t….

RT @InfPCTechStack: Our talk at #BHUSA @BlackHatEvents Briefings has been accepted!. This is a presentation on an initiative to make the BI….

@BlackHatEvents Sorry, I forgot to attach the link to the abstract.

RT @InvokeReversing: We're excited to announce the release of BinjaLattice MCP! With this, you can reverse engineer binaries with Binary Ni….

Haven’t been able to do vulnerability research for a while, but finally back at it. 2 CVEs and 1 additional recognition. CVE-2025-24204 is simple yet powerful. I'm planning to talk about it somewhere soon (hopefully).

RT @Technologeeks: Get unparalleled depth on #Scudo Memory allocator internals - AND a sneak peek at @Morpheus______'s surprise new book -….

RT @MsftSecIntel: Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that targets u….

RT @0xjprx: When the kernel is sus. CVE-2024-54507 is an XNU bug fixed in macOS 15.2 / iOS 18.2. Enjoy!.