Posts

Vulnerability Overview CVE-2026-20660 is a path handling vulnerability in Apple’s CFNetwork framework that allows a remote attacker to write files to arbitrary locations on the victim’s filesystem by serving a malicious gzip file. Field Details Component CFNetwork (macOS) Impact A remote user may be able to write arbitrary files Fix Description A path handling issue was addressed with improved logic Fixed In Safari 26.3 / macOS Sequoia 26.3 (2026-02-11) Discovered By Amy Vulnerability Class Path Traversal via Gzip FNAME header (RFC 1952) Trigger Condition Safari “Open safe files after downloading” enabled (on by default) Advisory Apple Security Release - Safari 26.3 Disclosure note: This is a 1-day analysis performed independently after Apple released the fix in Safari 26.3. The original vulnerability was discovered and reported by Amy. All testing was conducted on macOS with the affected version (Safari 26.2 / macOS 26.2.1) against locally controlled systems. ...

For any serious reverse engineer, keeping a clean and organized scripting environment is key. Using a Python virtual environment (venv) for your IDA Pro projects is the best way to manage dependencies and avoid conflicts. Many online guides are outdated, recommending methods that no longer work. This post provides a single, modern, and straightforward solution to connect a Python venv to IDA Pro on macOS using the official, built-in IDAPythonrc startup script. ...

Have you ever wanted to peek inside an app on your iPhone or iPad to see exactly what data it’s processing, especially to understand what information it’s sending or receiving? Today, I’ll introduce you to a simple yet powerful method using Frida, which enables you to dynamically detect the parameters of a special piece of code called a “block” within iOS applications. First: What Exactly is a Block? In iOS programming, a block is a small, self-contained piece of code that you can pass around your app to be executed later. Imagine it as giving your phone number (the block) to a friend who can then call you when something important happens. ...

Download UTM and install it. You can use command brew install --cask utm Download the image form https://releases.ubuntu.com/22.04/ and install it. Then install gdb server by running the command sudo apt install gdbserver if you wan to debug some executable file for 32 bit, then you must run the command: sudo dpkg --add-architecture i386 sudo apt update sudo apt install libc6:i386 libncurses5:i386 libstdc++6:i386 After the environment setup, you could use ...

It’s just I need to find a way to record my life and have to improve my writing skills.