I came across this awesome video today youtube.com/watch?v=9Ch4a6…

We've set a soft deadline for 1-page articles to Paged Out #7 30 June 2025

My "Finding Vulnerabilities in Apple Packages at Scale" talk is up on YT 🎉

Time to enter a new era of detection & response for macOS 🤘

youtu.be/V9usMRDezsM?si… by Csaba Fitzl

Have some really exciting news to share: I'm joining Apple's Bug Bounty team out in Seattle next week! Unfortunately I will have to step down from my role with OpenCore Legacy Patcher, but super excited for what's to come. Thank you everyone who've helped make OCLP what is!

Weekend video drop - 2025 talks from Day 1 (June 12) of MacDevOps YVR. A lot of GitOps and Munki talks, and awesome Quick Talks. Check out the 2025 playlist: youtube.com/playlist?list=…

This is so much to the point. I agree 10000%. If you have only time for one article today, pick this.

Balance is restored.

⏳ Just one week left to submit your talk to #OBTS v8 objectivebythesea.org/v8/cfp.html (CFP closes June 30th). We’ve expanded to 3 days of talks this year, making room for even more cutting-edge research +  first-time speakers. So submit your Apple security-themed proposal today!

Hello friends. Check out this awesome and unique role that just opened up on my team in SEAR. Wanna secure Apple silicon, ROMs, iBoot, and more? jobs.apple.com/en-us/details/…

Are you a textbook or technical author, but don't want traditional publishers to leave you with a paltry $2 or so for a book which sells for $50+? Technologeeks Press can get your book printed in B&W or Color, and - most importantly - YOU keep 70% of the profit! DM for details!

Our rockstar Principal macOS Security Researcher Csaba Fitzl back at it again - this time speaking at this year's MacDevOpsYVR conference on "Finding Vulnerabilities in Apple Packages at Scale." 🔥

I lightly mentioned CVE-2025-31235, a double-free I found in coreaudiod/CoreAudio, during my OffensiveCon presentation last month. It's been derestricted now, so enjoy my writeup which includes a PoC and dtrace script to help understand the vulnerability! project-zero.issues.chromium.org/issues/4062711…

Six men over the age of 70 will race the Western States 100 this weekend! This is the race we'll be watching! #WS100 Learn more about "The Gang:" i-rn.fr/25WS100-AJW-To…

We're excited to announce a major new release of x64dbg! The main new feature is support for bitfields, enums and anonymous types, which allows all types in the Windows SDK to be represented and displayed 🔥

Weekends are for LuLu! 👨🏻‍💻🛡️🍎 Been working hard to add a top requested feature to LuLu: Profiles Please give the latest beta a whirl and report any Profile-related issues 🙏🏽🙏🏽🙏🏽 github.com/objective-see/… Learn more about LuLu's profile here: objective-see.org/products/lulu.…

💥🍎 Offensive security on macOS is totally different than Windows or Linux, mostly because the *identity* of a process is quite strong. Injection 💉 is almost nonexistent due to hardened runtime and sandbox, and the capabilities 🥷 of a process (entitlements) are bound to a

Thanks @8ksec for the recent #ARM64 #CTF. I wish to see Battleground continue to grow! In the blog below, I have gathered some learning resources about ARM64 that will save others' time. Additionally, you'll find a write-up about one of the challenges. patreon.com/posts/arm64-re…