New macOS LPE, bypassing the fix for the 3rd time. Or 4th? Something like that. This also showcases the O_RESOLVE_BENEATH bypass in production. Since this is a double-race, this is a lucky run, usually it takes 2-3 minutes, but that's pretty acceptable to me.
Writeup comes as usual: when the bug is fixed and I have no further bypasses to report.
For anyone dealing with RASP-protected apps, frida-strace is now your first step. Trace the syscalls, find what the app checks, hook those specific functions, bypass. No more guessing. Frida 17.8.0+, kernel 6.1+ required.
#Frida #MobileSecurity #AppSec
My captured Coruna sample has got a lot further. It now loads everything from decrypted payload so you can freely replace dylibs for experiment. Safari-based TrollStore installer covering all supported versions is gonna be so real.
However this poses a risk for jailbreak users who may get infected by visiting malicious sites.
github.com/khanhduytran0/…
@Helthydriver @matteyeux IIRC after the file ending in min.js I only have DNS requests and I don’t have any HTTP req for show/details.html
I’ll look into the pcap again and might DM you if that’s ok
Let's talk about the privilege escalation from the Coruna chain (iOS 16.6).
As seen in the console after the infection, the power management daemon attempts to establish an internet connection. By this point, the PE has already been executed.
@Nadsec11 > a single throwaway domain is cheaper to burn and harder to fingerprint behaviorally than a DGA
Stage 1 is delivered on MANY domains and there’s lots of DGA down the line..
You've never been more right to doubt your macOS antivirus software 😥
Our latest research by @Coiffeur0x90 shows how Intego can be abused for Local Privilege Escalation
Yes, the antivirus.
Yes, as root.
blog.quarkslab.com/intego_lpe_mac…
Starting 2026 with a new blog! I've really been enjoying my Windows on ARM machine - so my post is about interrupts for WoA. This includes x64/ARM differences, virtual interrupts, Hyper-V's synthetic controller, and Secure Kernel interrupts/intercepts
connormcgarr.github.io/windows-arm64-…
By far the most comprehensive guide for virtual machines, literally.
- great for understanding low level concepts
- it's kind of a very detailed guide
The whole thing is so structured and anyone can understand vm.
[RELEASE] Part two is out! Callback chaining with tail calls and proxy frames to build semi-artificial call stacks and maybe annoy a few detection rules. Nothing groundbreaking, but maybe somebody can pick up an idea or two.
Enjoy😉
klezvirus.github.io/posts/Callback…