🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Earlier this year Amnesty Tech and clem1 from Google TAG found an in-the-wild iPhone zero day full chain. Today I’m publishing my analysis of the Safari sandbox escape component, the first in-the-wild sample to break into the new Safari GPU process.

Really proud to have 3 talks accepted for offensivecon! Congratz Quentin M, vdehors, David B and Lucas Georges 🥳 offensivecon.org/speakers/

#HEXACON2024 officially kicks off! 📣 We start by announcing our trainings for the next edition: hexacon.fr/trainings/ Training registrations will open in May

If you want to get into iOS security this training is definitely what you are looking for!

Registration for trainings is now open! ⏳ Don't miss your chance to learn from the best and have a great time in Paris 🥐 hexacon.fr/register/

Our ninjas will be at #OffensiveCon by the end of the week. Don't miss our 3 talks: 🧭Escaping the Safari Sandbox by Quentin M 🚘0-Click RCE on the Tesla Infotainment by vdehors and David B 🗝️Open Sesame by Lucas Georges See you there 👋

Interesting talk later this morning from Quentin M on WebKit IPC sandbox escapes, with reference to an in-the-wild exploit chain found by clem1 and Amnesty Tech. The chain was used customers of a UAE-based cyber mercenary company

.Quentin M is now on stage with Escaping the Safari Sandbox: A Tour of Webkit IPC!!

Here we are! Time for Quentin M talk at #OffensiveCon 🧭

Slides of my offensivecon talk are available: synacktiv.com/sites/default/…

WebKit developpers are always Faster Than Light 🙂 github.com/WebKit/WebKit/…

#OffensiveCon24 videos are now up! youtube.com/playlist?list=…

Escaping the Safari Sandbox: A tour of WebKit IPC #MobileSecurity #iOSsecurity [SLIDES] by Synacktiv synacktiv.com/sites/default/…

A few tickets for #HEXACON2024 are still on sale, don't miss them! Register for our top-notch trainings and learn from the best in the industry 🎓 hexacon.fr/register/

iOS is being touted as the "most secure OS", but is this claim substancial? Discover the many security features implemented by Apple with "iOS for Security Engineers" training: ➡️ hexacon.fr/trainer/meffre… 📆 30/09-03/10 2024 📍Espace Vinci, Rue des Jeuneurs, Paris

Half the tickets already sold! Checkout our four-day trainings on advanced AD and Azure exploitation and iOS internals at Hexacon in Paris this year (Sept 30th - Oct 3rd): 🌐 hexacon.fr/trainer/vincen… 🍎 hexacon.fr/trainer/meffre…

Just wrapped up two fantastic training sessions at #Hexacon! A big thank you to everyone who joined us for our deep dives into Active Directory/Azure and iOS internals. It was great to share knowledge and learn together!

Don't miss our 2 trainings 😉 🍎 iOS for Security Engineers ☁️ Azure intrusion for red teamers

Interesting WebContent PAC bypass github.com/WebKit/WebKit/…