Useless bugs are just being given up too early.
2020-05-27
Similar to DLL sideloading, legit plugins on macOS could be abused to load executable code on startup.
2019-11-21
Relying on pid to validate IPC peer is unsafe.
2019-04-21
Applying web security tricks to macOS LPE bugs.
2019-04-13
TOCTOU bug in CoreFoundation and state change of sandbox lockdown on macOS Safari, leading to easy sandbox escape.
2019-03-26
The private API design of XPC could make it hard for 3rd-party developers to write security code.
2018-08-22
Code signature bypass and insecure sideloading gives root.
2018-08-22
Get some real life 0day by playing CTF challenges.
2018-08-07
Attacking the operating system by using its own security mechanism.
2018-06-18