Watch This SpaceA security research blog.2025-10-04T04:52:33-04:00https://wts.dev/https://wts.dev/favicon.pnghttps://wts.dev/logo.pngNoah Gregorynoah@wts.devhttps://github.com/nmggithubSQL Injection in TCC: and why it (probably) wasn't a security risk (this time)urn:uuid:37a37bc4-9184-4c25-99dd-fe36056b25682024-09-16T19:51:03-04:002024-09-16T19:51:03-04:00CVE-2024-54471: A Primerurn:uuid:6e10b1d2-7dcc-4a0f-90ad-98ca54d956c02024-12-11T21:24:50-05:002024-12-11T21:24:50-05:00Leaking Passwords (and more!) on macOSurn:uuid:e964aeb9-5e67-4196-8650-68b043af7edf2025-03-20Z15:34:37+00:002025-03-20Z15:34:37+00:00CVE-2025-24259: Leaking Bookmarks on macOSurn:uuid:35fc8dff-dcc5-499a-a8b2-4a5db432a2ed2025-03-31Z20:08:23+00:002025-04-01Z21:12:50+00:00Can You Really Trust That Permission Pop-Up On macOS? (CVE-2025-31250)urn:uuid:c66e84f9-534f-4cc6-ac0a-3d05fdd6d6f92025-05-12Z18:23:20+00:002025-05-14Z18:09:11+00:00CVE-2025-43253: Bypassing Launch Constraints on macOSurn:uuid:f65cfdc9-2fa7-4c0a-ae6c-8c28381421352025-07-31T14:07:03-04:002025-07-31T14:07:03-04:00I wrote an Objective-C bridge for Node.js. Don't use it.urn:uuid:6cf37816-73c6-455a-a399-bfa5ef5d629b2025-10-03T16:17:24-04:002025-10-04T04:52:33-04:00I Know The Name Of Your Wi-Fi Networkurn:uuid:650352a7-1256-44ac-a55e-31d8986a43bb2025-10-22T15:08:35-04:002025-10-22T15:08:35-04:00DirtyDict: Escaping the macOS Sandbox and wrecking havocurn:uuid:5eae4ba1-d2d1-4d02-af0d-1cb70e97b3102025-12-18T12:49:33-05:002025-12-18T12:49:33-05:00How I "hacked" ChatGPT Atlas... and why it wasn't patchedurn:uuid:de7c266e-bade-40ee-84d0-ba63b569ca3d2026-02-16T12:54:17-05:002026-02-16T12:54:17-05:00