Csaba Fitzl
@theevilbit
macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fan
📣I’m happy to announce that I’m planning to write a brand new “macOS Vulnerability Research” training. 🥳 Considering the amount of work the writing requires it will be available late 2025 or early 2026. It will be Live class only, and likely only once or twice a year.

There is “I fucked up” And there is “I built an app and accidentally leaked the drivers licenses of thousands of women on the internet” level of fucked up RIP
Binary Ninja 5.1 is now released: binary.ninja/2025/07/24/5.1… - New WARP function matching - Pseudo Objective-C - Binexport plugin built-in - IL Rewriting Examples, APIs, and Docs - Arch: PPC VLE, mips-r5900, x32 + Much more!
What happened to XProtect this week? eclecticlight.co/2025/07/11/wha… via @howardnoakley
This is an excellent course that I refer back to all the time. Worth every penny. Get your OSMR certification with EXP-312 | OffSec offsec.com/courses/exp-31…
Super excited to be back at OBTS, this time we will talk with @gergely_kalman about a super cool vulnerability we worked on last year. 🎉 The lineup is amazing as always!!
📢 Just dropped: the full #OBTS v8 talk lineup! objectivebythesea.org/v8/talks.html And for the first time we'll have 3 full days of presentations! 🤩 Congrats to the selected speakers and mahalo to all who submitted. With ~100 submissions, selecting the final talks was a daunting task! 😫
⚠️New Research: Clickfix on macOS - AppleScript Stealer via Terminal Prompts A new phishing campaign is using Clickfix to bypass downloads and trick users into running base64 -d | bash in Terminal. The AppleScript payload grabs browser data, crypto wallets, and cookies, then…
📢 Just dropped: the full #OBTS v8 talk lineup! objectivebythesea.org/v8/talks.html And for the first time we'll have 3 full days of presentations! 🤩 Congrats to the selected speakers and mahalo to all who submitted. With ~100 submissions, selecting the final talks was a daunting task! 😫
“programming languages don’t matter anymore”. THIS. That’s what I’m going to build my upcoming conference talk about. You are no longer an iOS/Web/Backend dev. You are a builder.
My first ever #iOS #swift code. Programming language does not matter any more!
One good thing coming out of the current administration: the US is actually forcing the UK to back down on backdoors. arstechnica.com/tech-policy/20…
#x33fcon 2025 talks: @malmoeb - From Zero to a Moderately Skilled MacOS Forensic Analyst > youtu.be/cgHmv2JKZ-Y
New RE Video: youtube.com/watch?v=skOsJj… In this video, I reverse engineer a malicious SwiftUI dropper. Swift is fun to RE so I thought it would be a good idea :) Shout out to @txhaflaire for their recent blog post that covers this malware.
Liquid Glass, but its 2008: highcaffeinecontent.com/blog/20080323-… (yes, I know this is just blur, but it's cool nonetheless)
Doing a Swift RE talk at #DEFCON33 @MalwareVillage :) Never been to DEFCON before so I’m looking forward to meeting people! #DC33 #MalwareVillage
Help us improve SecureBoot at Apple! Join the team which works on core Apple technologies such as AppleImage4, AMFI, TXM, XNU, and the Security Research Device! jobs.apple.com/en-us/details/…
Weekends are for LuLu! 👨🏻💻🛡️🍎 Been working hard to add a top requested feature to LuLu: Profiles Please give the latest beta a whirl and report any Profile-related issues 🙏🏽🙏🏽🙏🏽 github.com/objective-see/… Learn more about LuLu's profile here: objective-see.org/products/lulu.…
💥🍎 Offensive security on macOS is totally different than Windows or Linux, mostly because the *identity* of a process is quite strong. Injection 💉 is almost nonexistent due to hardened runtime and sandbox, and the capabilities 🥷 of a process (entitlements) are bound to a…
Thanks @8ksec for the recent #ARM64 #CTF. I wish to see Battleground continue to grow! In the blog below, I have gathered some learning resources about ARM64 that will save others' time. Additionally, you'll find a write-up about one of the challenges. patreon.com/posts/arm64-re…
I came across this awesome video today youtube.com/watch?v=9Ch4a6…
We're excited to announce a major new release of x64dbg! The main new feature is support for bitfields, enums and anonymous types, which allows all types in the Windows SDK to be represented and displayed 🔥
Six men over the age of 70 will race the Western States 100 this weekend! This is the race we'll be watching! #WS100 Learn more about "The Gang:" i-rn.fr/25WS100-AJW-To…