@objective-see.org.blog.html@rss-parrot.net
I'm an automated parrot! I relay a website's RSS feed to the Fediverse. Every time a new post appears in the feed, I toot about it. Follow me to get all new posts in your Mastodon timeline! Brought to you by the RSS Parrot.
---
Site URL: objective-see.org/blog.html
Feed URL: objective-see.org/rss.xml
Posts: 11
Followers: 8
ClickFix: Stopped at ⌘+V
https://objective-see.org/blog/blog_0x85.html
Published: February 15, 2026 00:00
ClickFix represents a shift in attacker tradecraft, exploiting user trust rather than software vulnerabilities. In this post, we introduce a lightweight execution-boundary defense that intervenes at paste time to generically disrupt most ClickFix-style…
The Mac Malware of 2025
https://objective-see.org/blog/blog_0x84.html
Published: January 1, 2026 00:00
It's here! Our annual report on all the Mac malware of the year (2025 edition). Besides providing samples for download, we cover infection vectors, persistence mechanisms, payloads and more!
A Remote Pre-Authentication Overflow in LLDB's debugserver
https://objective-see.org/blog/blog_0x83.html
Published: December 8, 2025 00:00
In this guest blog post, Nathaniel Oh, details a recent bug he discovered and reported to Apple: a remote pre-authentication buffer overflow in LLDB’s debugserver, now patched as CVE-2025-43504.
Restoring Reflective Code Loading on macOS (Part II)
https://objective-see.org/blog/blog_0x82.html
Published: November 24, 2025 00:00
Let's continue our research into fully restoring reflective code loading on macOS — now with support for macOS 26 and in-memory Objective-C payloads. And what about detection? We cover that too!
[0day] From Spotlight to Apple Intelligence
https://objective-see.org/blog/blog_0x81.html
Published: September 15, 2025 00:00
Malicious Spotlight plugins can leak bytes from TCC-protected files. And while the core bug was publicly disclosed almost a decade ago, it's still present in macOS 26!
TCCing is Believing: Apple finally adds TCC events to Endpoint Security!
https://objective-see.org/blog/blog_0x7F.html
Published: March 27, 2025 00:00
Apple will bring TCC events to Endpoint Security in macOS 15.4. In this post, we covers details, nuances, and provide PoC code for the new 'ES_EVENT_TYPE_NOTIFY_TCC_MODIFY' event.
Leaking Passwords (and more!) on macOS
https://objective-see.org/blog/blog_0x7E.html
Published: March 20, 2025 00:00
In this guest blog post, researcher Noah Gregory shares the technical details of a bug he uncovered (that was subsequently patched by Apple as CVE-2024-5447).
The Mac Malware of 2024
https://objective-see.org/blog/blog_0x7D.html
Published: January 1, 2025 00:00
It's here! Our annual report on all the Mac malware of the year (2024 edition). Besides providing samples for download, we cover infection vectors, persistence mechanisms, payloads and more!
Restoring Reflective Code Loading on macOS
https://objective-see.org/blog/blog_0x7C.html
Published: December 16, 2024 00:00
Apple silently 'broke' in-memory code loading on macOS ...let's restore it!
The Hidden Treasures of Crash Reports
https://objective-see.org/blog/blog_0x7B.html
Published: August 13, 2024 00:00
Analyzing crash reports reveals malware, (0-day) bugs, and much more!
This Meeting Should Have Been an Email
https://objective-see.org/blog/blog_0x7A.html
Published: June 15, 2024 00:00
A DPRK stealer, dubbed BeaverTail, targets users via a trojanized meeting app. Let's analyze it comprehensively.