51 posts
all (51)Meta (1)macOS (16)Linux (13)AI (18)Kernel (3)
2026
June
- [ 2026-06-06 ] PACMAN: Breaking ARM Pointer Authentication with Speculative Execution
- [ 2026-06-05 ] SoK: Bootloader Security Is Worse Than You Think
- [ 2026-06-04 ] macOS Penetration Testing: Assembling the Full Chain
- [ 2026-06-03 ] Getting Kernel Code Execution: Racing the KEXT Loader
May
- [ 2026-05-27 ] Symlink and Hardlink Attacks: Lying to Root About Where Files Live
- [ 2026-05-20 ] Bypassing TCC: Three Ways Around macOS Privacy Controls
- [ 2026-05-13 ] The macOS Sandbox: Profiles, Internals, and Two Escapes
- [ 2026-05-06 ] XPC Attacks: When Privileged Helpers Forget to Ask Who's Calling
- [ 2026-05-05 ] AI Red Teaming in the Agentic Era: From Weeks to Hours
April
- [ 2026-04-29 ] Function Hooking on macOS: Interposing, Swizzling, and a Stolen KeePass Password
- [ 2026-04-22 ] The Mach Microkernel: Injecting Code Through a Task Port
- [ 2026-04-15 ] Dylib Injection and Hijacking: Getting Your Code Into Someone Else's Process
- [ 2026-04-08 ] Writing macOS Shellcode From Scratch: Syscalls, Bind Shells, and the 0x2000000 Trick
- [ 2026-04-01 ] Reading Mach-O Binaries: The macOS Reverse Engineering Toolkit
March
- [ 2026-03-25 ] macOS Internals: Drawing the Attacker's Map
February
- [ 2026-02-26 ] The End of Online Anonymity? How LLMs Are Cracking the Code of Practical Obscurity
- [ 2026-02-21 ] Can a 7B Model Beat GPT-o3 at Finding Bugs? Meet VulnLLM-R
- [ 2026-02-16 ] Securing the Agentic Future: A Deep Dive into AI-Agent Protocol Threats
- [ 2026-02-14 ] Prompt Injection is Dead. Long Live Promptware: The 7-Stage Kill Chain
- [ 2026-02-09 ] Finding Backdoors in LLMs Using Their Own Memory
- [ 2026-02-05 ] Meet Co-RedTeam: How Multi-Agent AI is Automating Red Teaming
- [ 2026-02-02 ] Automating the Hackers: How AGENTICRED is Revolutionizing AI Red-Teaming
2025
December
- [ 2025-12-30 ] The Rookie Hacker: How LLMs are Leveling the Cybersecurity Playing Field
- [ 2025-12-30 ] Beyond the Receipt: How Agentic AI Can Build Self-Defending Software Supply Chains
- [ 2025-12-25 ] Automated Hiring is Broken: How Adversarial Prompts are Exploiting LLM Resume Screeners
- [ 2025-12-12 ] Unveiling the Challenges of Real-World AI Safety with TOXICCHAT
- [ 2025-12-12 ] BootKitty: Deconstructing the Ultimate Bootkit-Rootkit Hybrid
- [ 2025-12-10 ] Sift or Get Off the PoC: How SiftRank Uses LLMs to Find Vulnerabilities in a Haystack
- [ 2025-12-03 ] The Bard's Backdoor: How Poetry is Breaking AI Safety
September
- [ 2025-09-02 ] Why AI Hallucinates: Peering Inside the Transformer Brain
June
- [ 2025-06-25 ] A Journey Through Linux Kernel Memory Management
- [ 2025-06-01 ] Scaling Security Testing: Closing the Reachability Gap with LLM Agents
2024
December
- [ 2024-12-21 ] Kernel Diaries - Introduction
November
- [ 2024-11-05 ] Emulating Memory Sealing in Linux - A Deep Dive
July
February
- [ 2024-02-28 ] Maybe It Was the Network After All: TCP Latency With Evidence
- [ 2024-02-21 ] When the Disk Did Do It: Block I/O Latency Without the Averages
- [ 2024-02-14 ] The Disk Didn't Do It: File System Latency Is What Your App Feels
- [ 2024-02-07 ] Free Memory Is Memory Doing Nothing: Page Cache, Reclaim, and the OOM Killer
January
- [ 2024-01-31 ] Busy Doing Nothing: CPU Utilization, Run Queues, and IPC
- [ 2024-01-24 ] Better Flashlights: How Linux Observability Works Under the Tools
- [ 2024-01-17 ] Where the Light Is Best: Why Performance Analysis Needs a Method
2023
October
- [ 2023-10-29 ] Deconstructing macOS Security: Endpoint Detection and Hardening
- [ 2023-10-28 ] Deconstructing macOS Security: The Sandbox and TCC
- [ 2023-10-27 ] Deconstructing macOS Security: Code Signing and Notarization
- [ 2023-10-26 ] Deconstructing macOS Security: XNU, SIP, and The Ring Model
January
- [ 2023-01-01 ] Style Guide & Feature Test