Joined October 2011
- Tweets 5,098
- Following 1
- Followers 18,883
- Likes 2,398
639 Photos and videos
Pinned Tweet
Our Valentine's Day gift 💝
objectivebythesea.org/v9/ind…
Announcing Objective by the Sea (#OBTS) v9.0:
👩🏻💼 Train: Nov 15-17
👩🏻🏫 Talks: Nov 18-20
📍 Maui, Hawaii, 2026
CFP (talks & trainings) and tickets are now officially open! Hope to see you by the sea 🏝️
Special 🙏🏽 to @andyrozen!!
3
9
45
11,263
Objective-See Foundation retweeted
apple-zlib: uninitialized memory leak during decompression in inflate project-zero.issues.chromium…
6
34
4,319
Objective-See Foundation retweeted
Jun 11
Lineup for the next (free!) Objective for the We #OFTW is 🔥
📍 Berlin
🗓️ July 30–31, 2026
Join us! 🤩
Only ~2 weeks left to apply:
objective-see.org/oftw/v4.ht…
7
23
4,224
Objective-See Foundation retweeted
Jun 8
Neat addition to EndpointSecurity with deadline manipulation in the macOS 27 beta
2
21
5,343
ℹ️ BlockBlock v2.5.0 adds a new feature that can alert you whenever a downloaded script is about to execute.
Designed to complement "Notarization" Mode, it provides an additional layer of protection against potentially unsafe content before it runs. 🛡️
objective-see.org/products/b…
5
21
1,609
Objective-See Foundation retweeted
Jun 8
🔺NEW: Apple is expanding Private Cloud Compute (PCC) beyond our data centers. PCC on Google Cloud: NVIDIA Confidential Computing, Intel TDX, and Google's Titan chip, with capabilities that go far beyond a traditional confidential computing deployment. security.apple.com/blog/expa…
6
97
509
53,978
Objective-See Foundation retweeted
Jun 9
yasss, this is delightful 🤩
Handling ES deadlines has always been complex(ish) (e.g. don't forget to use a mach_timebase_info when converting "mach time" to nanoseconds on Apple Silcon!) 😵💫
...and if you got it wrong (and missed a deadline) the kernel would just kill you! ☠️
Jun 8
Neat addition to EndpointSecurity with deadline manipulation in the macOS 27 beta
1
3
19
3,372
Just added a few samples of "FlutterShell" to our free public macOS malware repo:
github.com/objective-see/Mal… (pw: infect3d)
#SharingIsCaring
Jun 3
New macOS Backdoor "FlutterShell" 🍎🐛
Discovered & analyzed by @PaloAltoNtwks @Unit42_Intel 🙌🏼
"weaponizes AI summarization features for data exfiltration by routing documents through an attacker-controlled server before processing them " 👀🔥
unit42.paloaltonetworks.com/…
2
29
2,771
Stoked that @Rippling has joined our "Friends of Objective-See" program in support of our non-profit foundation 😍
Their support helps our:
🛠️ open-source tools
📚 free #TAOMM books
👨👩👦 community-driven #OBTS/#OFTW events
...continue to grow & thrive!
rippling.com
1
7
3,149
You asked, we listened 😇
"DoNotDisturb" v2.1 adds 'Trusted Unlock' mode
When enabled, if a lid-open event is followed by a successful Touch ID or unlock via your Apple Watch, DND can ignore it, reducing false alarms while still watching for evil maids.
objective-see.org/products/d…
1
3
20
2,295
Love our free, open-source macOS security tools?
You can support their continued development on Patreon patreon.com/objective-see 🙏🏽😍
3
11
1,441
Objective-See Foundation retweeted
May 25
Uncovering an iOS 26.5 ImageIO Vulnerability zygosec.com/blog
7
83
449
61,551
Objective-See Foundation retweeted
May 25
LET'S GOOOOOOOOOO
btw, people sometimes ask me where to start in macOS malware research, and @patrickwardle's books are the answer I always come back to
@moonlock_lab is giving away it RN. If that's been you, this is your moment! Go check the discord channel 👇
May 25
The day has come - Moonlock Lab now has a Discord 🤩
If you've been lurking our research for a while, this is a good excuse to say hi.
To kick it off, we're giving away 4 books by @patrickwardle - 'The Art of Mac Malware'.
To participate in our Giveaway:
• Join the server: discord.gg/macpaw
• Jump into 🧪moonlock-lab channel
• React with your fav emoji on the giveaway post
• Post a short intro (handle one topic related to macOS security you want us to cover) in the channel
See you in there 🫶
1
6
40
5,077
Objective-See Foundation retweeted
May 26
1/ A new #macOS #stealer in the wild, analyzed after being spotted by @malwrhunterteam🚨
A Rust-compiled, universal (x86_64 arm64) infostealer targeting passwords, Keychain, browser data, Telegram, hardware wallets, and Apple Notes - all in one binary. It’s also different from some usual stealers we see on a daily basis.
Here's everything we found 👇
1
14
59
8,260
⏳Only one month left to apply for "Objective for the We" (#OFTW) v4.0
#OFTW is a free 🍏-security event empowering the next generation:
📍 Berlin
🗓️ July 30–31, 2026
More info/to apply: objective-see.org/oftw/v4.ht…
1
10
16
2,184
Objective-See Foundation retweeted
Introduction to the Mach-O file structure, plus a bug I found in Apple's own Mach-O parser!
Read about it here: github.com/yo-yo-yo-jbo/mach…
1
12
86
6,670
Objective-See Foundation retweeted
May 25
ClickFix has quickly become one of the biggest social engineering threats facing Mac users.
In the latest Security Bite Podcast by @9to5mac, @arinwaichulis sits down with @osint_barbie from Moonlock Lab and @L0Psec to unpack why ClickFix works so well, who it targets, and how Mac malware is evolving in 2026.
Listen here: 9to5mac.com/2026/05/11/secur…
8
18
4,017
On macOS if you want to mitigate ImageIO bugs you can enable ImageIO out-of-process parsing (ImageIOXPCService sandbox) by exporting IIOEnableOOP=1 via launchctl
github.com/0xmachos/dotfiles…
github.com/0xmachos/dotfiles…
3
14
115
12,817
Objective-See Foundation retweeted
May 25
The day has come - Moonlock Lab now has a Discord 🤩
If you've been lurking our research for a while, this is a good excuse to say hi.
To kick it off, we're giving away 4 books by @patrickwardle - 'The Art of Mac Malware'.
To participate in our Giveaway:
• Join the server: discord.gg/macpaw
• Jump into 🧪moonlock-lab channel
• React with your fav emoji on the giveaway post
• Post a short intro (handle one topic related to macOS security you want us to cover) in the channel
See you in there 🫶
2
5
39
8,220
Objective-See Foundation retweeted
May 26
If you're developing macOS user-mode network extensions and your users are reporting a kernel panic on macOS 26.5, this is of course a (now known) Apple macOS bug ...again 😭
See: developer.apple.com/forums/t…
1
6
76
5,558
Objective-See Foundation retweeted
May 20
2026-05-20 (Tuesday): Pages impersonating Claude and Homebrew continue to distribute malware like #MacSync stealer by employing a #ClickFix-style social engineering technique. Details at bit.ly/4upfAHC
ALT A computer screen displaying a fake installation guide titled "One-Click Installation via Terminal" for Homebrew on macOS. The text outlines steps for opening Terminal and running a specific command, with a code snippet shown. A note on the right side indicates this page is 1 of 4 from an ad for Homebrew, labeled "Malicious page.
ALT The image shows a webpage impersonating "Homebrew," with a logo of a beer mug and the title "Brew - The Missing Package Manager for macOS (or Linux)."
ALT The image shows a webpage titled "Install Claude with a single command." It includes instructions for using a terminal command to install Claude, with a highlighted code snippet. The page has a note on the side that reads, "Malicious page 3 of 4: impersonating Claude."
ALT The image shows two fake webpages spoofing "Claude." The top left webpage offers an "Install Claude" option with a download button. The bottom right page shows installation steps for "Claude on macOS." The annotation in the top right corner reads, "Malicious page 4 of 4: impersonating Claude."
3
22
92
9,434