-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathfeed.xml
More file actions
136 lines (136 loc) · 5.35 KB
/
feed.xml
File metadata and controls
136 lines (136 loc) · 5.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Watch This Space</title>
<subtitle>A security research blog.</subtitle>
<updated>2025-10-04T04:52:33-04:00</updated>
<id>https://wts.dev/</id>
<icon>https://wts.dev/favicon.png</icon>
<logo>https://wts.dev/logo.png</logo>
<link href="https://wts.dev/feed.xml" rel="self" />
<link href="https://wts.dev" />
<author>
<name>Noah Gregory</name>
<email>noah@wts.dev</email>
<uri>https://github.com/nmggithub</uri>
</author>
<entry>
<title>SQL Injection in TCC: and why it (probably) wasn't a security risk (this time)</title>
<link href="https://wts.dev/posts/tcc-sql-injection" rel="alternate" />
<id>urn:uuid:37a37bc4-9184-4c25-99dd-fe36056b2568</id>
<published>2024-09-16T19:51:03-04:00</published>
<updated>2024-09-16T19:51:03-04:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="TCC" />
<category term="SQL" />
<category term="SQL Injection" />
</entry>
<entry>
<title>CVE-2024-54471: A Primer</title>
<link href="https://wts.dev/posts/CVE-2024-54471-primer" rel="alternate" />
<id>urn:uuid:6e10b1d2-7dcc-4a0f-90ad-98ca54d956c0</id>
<published>2024-12-11T21:24:50-05:00</published>
<updated>2024-12-11T21:24:50-05:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="CVE-2024-54471" />
</entry>
<entry>
<title>Leaking Passwords (and more!) on macOS</title>
<link href="https://wts.dev/posts/password-leak" rel="alternate" />
<id>urn:uuid:e964aeb9-5e67-4196-8650-68b043af7edf</id>
<published>2025-03-20Z15:34:37+00:00</published>
<updated>2025-03-20Z15:34:37+00:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="leaking" />
<category term="iCloud" />
<category term="NetAuthAgent" />
<category term="CVE-2024-54471" />
</entry>
<entry>
<title>CVE-2025-24259: Leaking Bookmarks on macOS</title>
<link href="https://wts.dev/posts/bookmarks-leak" rel="alternate" />
<id>urn:uuid:35fc8dff-dcc5-499a-a8b2-4a5db432a2ed</id>
<published>2025-03-31Z20:08:23+00:00</published>
<updated>2025-04-01Z21:12:50+00:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="leaking" />
<category term="bookmarks" />
<category term="Safari" />
<category term="CVE-2025-24259" />
</entry>
<entry>
<title>Can You Really Trust That Permission Pop-Up On macOS? (CVE-2025-31250)</title>
<link href="https://wts.dev/posts/tcc-who" rel="alternate" />
<id>urn:uuid:c66e84f9-534f-4cc6-ac0a-3d05fdd6d6f9</id>
<published>2025-05-12Z18:23:20+00:00</published>
<updated>2025-05-14Z18:09:11+00:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="TCC" />
<category term="Apple Events" />
<category term="CVE-2025-31250" />
</entry>
<entry>
<title>CVE-2025-43253: Bypassing Launch Constraints on macOS</title>
<link href="https://wts.dev/posts/bypassing-launch-constraints/" rel="alternate" />
<id>urn:uuid:f65cfdc9-2fa7-4c0a-ae6c-8c2838142135</id>
<published>2025-07-31T14:07:03-04:00</published>
<updated>2025-07-31T14:07:03-04:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="Launch Constraints" />
<category term="CVE-2025-43253" />
</entry>
<entry>
<title>I wrote an Objective-C bridge for Node.js. Don't use it.</title>
<link href="https://wts.dev/posts/nobjc/" rel="alternate" />
<id>urn:uuid:6cf37816-73c6-455a-a399-bfa5ef5d629b</id>
<published>2025-10-03T16:17:24-04:00</published>
<updated>2025-10-04T04:52:33-04:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="Node.js" />
<category term="Objective-C" />
<category term="Electron" />
</entry>
<entry>
<title>I Know The Name Of Your Wi-Fi Network</title>
<link href="https://wts.dev/posts/ipconfig/" rel="alternate" />
<id>urn:uuid:650352a7-1256-44ac-a55e-31d8986a43bb</id>
<published>2025-10-22T15:08:35-04:00</published>
<updated>2025-10-22T15:08:35-04:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="Wi-Fi" />
<category term="Wardriving" />
</entry>
<entry>
<title>DirtyDict: Escaping the macOS Sandbox and wrecking havoc</title>
<link href="https://wts.dev/posts/dirtydict/" rel="alternate" />
<id>urn:uuid:5eae4ba1-d2d1-4d02-af0d-1cb70e97b310</id>
<published>2025-12-18T12:49:33-05:00</published>
<updated>2025-12-18T12:49:33-05:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="DirtyDict" />
<category term="NSSpellChecker" />
<category term="NSSpellServer" />
<category term="path traversal" />
</entry>
<entry>
<title>How I "hacked" ChatGPT Atlas... and why it wasn't patched</title>
<link href="https://wts.dev/posts/chatgpt-atlas-bug/" rel="alternate" />
<id>urn:uuid:de7c266e-bade-40ee-84d0-ba63b569ca3d</id>
<published>2026-02-16T12:54:17-05:00</published>
<updated>2026-02-16T12:54:17-05:00</updated>
<category term="Security" />
<category term="macOS" />
<category term="ChatGPT" />
<category term="Atlas" />
<category term="Chrome" />
<category term="Electron" />
</entry>
</feed>