Today Apple updated their security advisory for Xcode with my CVE-2024-44228 which allowed malicious apps inheriting Xcode's TCC permissions.

Wojciech Wojciech Reguła omówi założenia izolacji na macOS oraz techniki exploitacji. Na przykładzie kilku popularnych menedżerów haseł pokaże, jak nieuprzywilejowane złośliwe aplikacje mogą wykorzystywać triki i luki, by wykradać hasła. 🔜 omhconf.pl

Thank you BlackAlps for having me 🖤🍎

🍎🐛🎙️Following my #poc2024 talk we are releasing a blogpost series Kandji detailing the vulnerabilities of diskarbitrationd and storagekitd I discussed in my "Apple Disk-O Party" talk. First part is out, and covers CVE-2024-44175. kandji.io/blog/macos-aud…

PL: Już w przyszłym tygodniu będziecie mogli mnie zobaczyć na konferencji Oh My Hack gdzie opowiem o bezpieczeństwie menedżerów haseł na platformie macOS.

My favourite #OBTS Objective-See Foundation conference has just started 🌺🏝️ I’m looking forward to see all the amazing Apple security talks 🤓

Excited for Wojciech Reguła ‘s talk on password manager security on macOS at #OBTSv7 now 🙏 #OBTS

🔐 “Broken Isolation - Draining your Credentials from Popular macOS Password Managers” is the last talk before the afternoon break, and it’s a wake-up call we all need. Imagine your trusted vault—built to guard your most precious secrets—suddenly turning into the thief, leaking

Wojciech Regula(Wojciech Reguła) from Securing examined several popular password managers at #OBTS7 - MacPass/Bitwarden/Nordpass/ProtonPass/KeepassXC -showed how low-privileged malware can trick them to share their secrets! Checkout his iOS security training: courses.securing.pl

Here's a link to the project I released if you're interested: github.com/LaurieWired/Ma…

Is macOS security really as strong as it seems? 🤔 In theory, macOS apps should be fully isolated thanks to notarisation and sandboxing, but in practice, these protections often fall short. Join Wojciech Reguła at #NullconGoa2025 👉 nullcon.net/goa-2025/speak… #macOS #passwordmanager

🧐

OBTS v7 "Broken isolation: Draining your Credentials from Popular macOS Password Managers" by Wojciech Reguła Workstation compromise -> game over. youtube.com/watch?v=DqYyw2…

I'm considering taking a month off to write a filesystem training for #OBTS. Are any of you guys interested in that?

🧐

special thanks to Wojciech Reguła for their previous work in this space. it really helped me a lot!

My full TCC bypass fixed 2 years ago finally has a CVE 😁 support.apple.com/120945

Apple fixed 4 my vulnerabilities in macOS 15.4 (support.apple.com/en-us/122373). I believe that the libnetcore and Quick Look issues will also have CVEs assigned as they are not informative severity issues (e.g. full iOS/macOS parental control bypass). 🍎🔐

Very interesting macOS SBX

New Blog: CVE-2025-24103 : General TCC Bypass imlzq.com/apple/macos/tc…