Csaba Fitzl @theevilbit
macOS Security -- Trail running 🏃 -- Mountains ⛰ -- Tolkien fan For mountain pictures, go to: https://t.co/Xf7KDW5fKu theevilbit.github.io Hungary Joined April 2010-
Tweets15K
-
Followers9K
-
Following1K
-
Likes19K
@paulmillr Nothing, but these are not the current rules, none of the programs does it btw.
After having 100+ CVEs with Apple, and working with their security team even before ASB was a thing, this below is simply not how things work in real life. Mistakes happen, and duplicates happen (I always got credit even for those) but ASB is still one one the best BB programs out there.
🚨APPLE ADVERTISES $2 MILLION FOR FINDING SECURITY BUGS.. THEN CALLS YOUR DISCOVERY A "DUPLICATE".. PATCHES IT SILENTLY.. GIVES YOU NOTHING.. AND BANS YOUR APPLE ID IF YOU COMPLAIN.. Two researchers found a critical macOS vulnerability that let attackers steal passwords,
Csaba Fitzl retweeted
🔺NEW: Apple is expanding Private Cloud Compute (PCC) beyond our data centers. PCC on Google Cloud: NVIDIA Confidential Computing, Intel TDX, and Google's Titan chip, with capabilities that go far beyond a traditional confidential computing deployment. security.apple.com/blog/expanding…
Now that Apple says Parental Control is critical - will those PC bypasses finally count as security issues? Because currently they are not.
@zippgod24 Waiting for a fix is a regular part of any BB program.
@AdamsBunnyranch Yes, a lot of people do that.
@evilsocket On the contrary, everyone I know, and has a long history with ASB with lots of CVEs says the opposite. 🤷♂️
@paulmillr It could always be better, and I don't think ASB is shitty. I don't think it's "obvious" they were treated unfairly.
Csaba Fitzl retweeted
MSRC woke up and decided to kill off all the good will it has built up over the last decade: microsoft.com/en-us/msrc/blo…
Csaba Fitzl retweeted
🔥 New (guest) blog just dropped! “When Good /bins Go Bad: A Remote Pre-Auth Overflow in LLDB’s debugserver” objective-see.org/blog/blog_0x83… Mahalo to Nathan (@calysteon) for detailing his discovery of this bug, which has since been patched by Apple as CVE-2025-43504 🙏🏽
IMO Mysk is not trustworthy. They tried to hype low impact vulns as critical in the past (HTTP icon download). Also... duplicates happen, and Apple always credits you for those. If you can't trust the vendor's decision about first submitter, then don't submit. I did cross check a few of these duplicates with researchers in the past, and Apple was always right.
Csaba Fitzl retweeted
Offensivecon's talks are now available on our YouTube channel! 🔗 buff.ly/g63xgm5
Csaba Fitzl retweeted
While testing our ML detection models, we detected on a new cross-platform campaign we're tracking as SStar Agent. Most of the Mach-O samples were sitting at zero detections on virustotal. We have gone and analyzed the the macOS and Windows variants. iru.com/blog/sstar-age… @officiallyiru @Declinee18
0xor0ne @0xor0ne
91K Followers 508 Following Cybersecurity | Reverse Engineering | Vulnerability Research | Embedded & Silicon Security | My Tweets, My Opinions :)
Justin Elze @HackingLZ
71K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Adam Chester 🏴�... @_xpn_
38K Followers 538 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOlmau2 | Insta at https://t.co/PqR6CZQ48T
Wojciech Reguła @_r3ggi
6K Followers 862 Following iOS/macOS app security researcher & blogger. 🍎 Black Hat / DEF CON / TyphoonCon speaker. Head of mobile appsec @SecuRingPL
Grzegorz Tworek @0gtweet
38K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / mobile research @ ▓▓▓▓▓ / Team 501 / ex IBM Capability Lead & FireEye TORE / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Alex Plaskett @alexjplaskett
14K Followers 585 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Will Dormann is on Ma... @wdormann
27K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
simo @_simo36
7K Followers 126 Following
SentinelOne @SentinelOne
58K Followers 1K Following ONE autonomous platform to prevent, detect, respond, and hunt. Do more, save time, secure your enterprise: https://t.co/N75g1HAnCs 🐱💻
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 950 Following 🔴 Offensive Security Developer @ Outflank, Red Team operator, ex-AV dev, ex- malware researcher 🫖 Green tea lover
Rad @rad9800
10K Followers 709 Following ex-founder. building solutions to secure organizations. prev @deceptiq_ (acq.), now at @thinkstcanary All thoughts / opinions (if at all) are my own.
Stephen Sims @Steph3nSims
26K Followers 861 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/4neOSsnCQ8
OffSec @offsectraining
329K Followers 118 Following Empowering the world to fight cyber threats with indispensable cybersecurity skills and resources. Support queries: https://t.co/HtFpqjjlRZ
Howard Oakley, Eclect... @howardnoakley
4K Followers 135 Following Chief illuminator at the Eclectic Light Company, writing about macOS, paintings; author of over 40 free utilities for macOS.
ϻг_ϻε @steventseeley
23K Followers 557 Following Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. An adept in the making.
Dominic Chell 👻 @domchell
18K Followers 551 Following Just your friendly neighbourhood red teamer @MDSecLabs @nighthawk_c2 | Creator of /r/redteamsec | https://t.co/3k3EBAZqGd | https://t.co/KwO2OwDOkl
an0n @an0n_r0
14K Followers 731 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Lucas Futures @lukashanren1
421 Followers 200 Following Lucas Quant 🚀 Full-Stack Engineer | Quant Developer 💻 Building AI-driven trading systems 🥚 Founder, Claude World Community
Alextuxur @Alextuxur
4 Followers 776 Following
ctx @pi_1816
210 Followers 3K Following ctfプレイヤー @ctftime #teamone 🇯🇵 team (wanna-be) zeroday hacker !!!
Marcus Neves @mneves75
509 Followers 6K Following 🦞 +30 years shipping production code. dangerously-skip-permissions. Failure is not an option.
Beth Heston @Beth__Heston
4 Followers 47 Following 𝙽𝚎𝚟𝚎𝚛 𝚝𝚎𝚕𝚕 𝚝𝚑𝚎 𝚝𝚛𝚞𝚝𝚑 𝚝𝚘 𝚙𝚎𝚘𝚙𝚕𝚎 𝚠𝚑𝚘 𝚊𝚛𝚎 𝚗𝚘𝚝 𝚠𝚘𝚛𝚝𝚑𝚢 𝚘𝚏 𝚒𝚝. 𝙼𝚊𝚛𝚔 𝚃𝚠𝚊𝚒𝚗
sherif @0xCOD3
72 Followers 1K Following ”I have seen everything that is done under the sun, and behold, all is vanity and a striving after wind“
Yang Yang @yang_is_here
29 Followers 205 Following
Genov @genovbg
23 Followers 409 Following
slinafirinne @slinafirinne
1K Followers 265 Following Security Researcher (macOS & iOS) with the occasional post about golf.
Steve's twisted Tleil... @syssws
268 Followers 2K Following Dad, Feminist, Vet, Infosec, Coffee Fetishist, Maker, Master cat food sommelier, SIGINT curious. @infosec.exchange, spoutible he/him #BlackLivesMatter
Tirtha Mandal @tirtha_mandal
4K Followers 952 Following Security @ServiceNow || Hack All The Things || OSWE || https://t.co/YZ2iHkL35S Opinions are my own and not the views of my employer
Gyumin Baek @gyuminb_cherami
6 Followers 97 Following
ProfessorTox @ProfessorTox
337 Followers 182 Following 🇵🇸 | i post funny devices | message me with any inquiries about the items I post about
KeyTrans @keytrans2025
149 Followers 621 Following
Henry Beaudin @henrybeaudin
1K Followers 6K Following Dad of 2, Operations Director @Crypto_ISAC, ex @goldmansachs, bridgewater, @foursquare, and a few others.
Aaron @aaronraimist
512 Followers 2K Following
Freddy @Freddycrur
29 Followers 120 Following
. @rmprds
1 Followers 24 Following
Тёма @theGlym
180 Followers 210 Following YouTube video blogger. Subscribe and follow me. http://t.co/CtW8p6r6KU пока что не очень извесный конечно )
xamfiaysssss @xamfiays
3 Followers 34 Following
CTI Updates @CTI__Updates
308 Followers 989 Following Updates about all things threat intelligence & updates about stuffs going on in the cybersec, ransomware, OSINT, SOCMINT, and hacking communities #threatintel
Theresa @dolejsitheresa1
2 Followers 110 Following
RockyZadok @AdajimaHeihachi
14 Followers 198 Following
1 @EigiI46RSP15288
0 Followers 29 Following
xtrenk @gutrenk
5 Followers 552 Following
Volker @volkertech
0 Followers 51 Following
Robert Scoble @Scobleizer
586K Followers 50K Following San Francisco/Silicon Valley AI | Robots, holodecks, BCIs, analysis of new things | Ex-Microsoft, Rackspace, Fast Company | Wrote eight books about the future.
ahh hahahaha @ahh_hahahaha
0 Followers 53 Following
J3_Z0r6 @J3_Z0r6
15 Followers 414 Following Infosec dummy, Half anarchist, half rainbow unicorn. Never underestimate someone, they can be dumber than you thought.
Myōjō Akira @Hbeing_abn
82 Followers 1K Following
0xor0ne @0xor0ne
91K Followers 508 Following Cybersecurity | Reverse Engineering | Vulnerability Research | Embedded & Silicon Security | My Tweets, My Opinions :)
Adam Chester 🏴�... @_xpn_
38K Followers 538 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOlmau2 | Insta at https://t.co/PqR6CZQ48T
Wojciech Reguła @_r3ggi
6K Followers 862 Following iOS/macOS app security researcher & blogger. 🍎 Black Hat / DEF CON / TyphoonCon speaker. Head of mobile appsec @SecuRingPL
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast ,Investor,World Economy, Finance,Contrarian , Philanthropist , Reformist , Sigma female [email protected]
Greg Linares (Laughin... @Laughing_Mantis
37K Followers 2K Following 20+ yrs in Infosec. Malware Influencer. I turn Malware into Art and Music. Art @MalwareArt. 4x Pwnie Nominee. 𝕍𝕏. GameDev. Autistic.
Yarden Shafir @yarden_shafir
25K Followers 317 Following A circus artist with a visual studio license
Zhuowei Zhang @zhuowei
31K Followers 187 Following link in bio ⬛⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩 ⬛⬛⬛⬛🟩🟩🟩🟩🟩🟩🟩🟩 ⬛⬛🟧⬛🟩🟫🟫🟫🟫🟫🟫🟩 ⬛⬛🟧⬛🟫🟫🟫🟫🟫🟫🟫🟫 ⬛⬛🟧🟧🟫🟧🟩🟧🟧🟩🟧🟫🟧 ⬛⬛🟧🟧🟫🟧🟫🟧🟧🟫🟧🟫🟧 ⬛⬛⬛🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧 ⬛⬛⬛🟩🟩🟧🟧🟫🟫🟧🟧🟩🟩 ⬛🟫🟫🟫🟫🟫🟧🟧🟧🟧🟩🟩🟫 🟫🟫🟧🟫🟫🟫🟫🟩🟩🟩🟩🟩🟧 🟫🟧🟧🟧🟫🟫🟧🟫🟫🟩🟩🟧🟧
TrendAI Zero Day Init... @thezdi
89K Followers 16 Following TrendAI Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Objective-See Foundat... @objective_see
19K Followers 1 Following 🍎 🛡️ 🛠️ Open-Source Tools 📚 "The Art of Mac Malware" books 🫂 "Objective by the Sea" conference Support us on https://t.co/tuGceSeyiC 🙏
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / mobile research @ ▓▓▓▓▓ / Team 501 / ex IBM Capability Lead & FireEye TORE / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Alex Plaskett @alexjplaskett
14K Followers 585 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
mdowd @mdowd
33K Followers 754 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Project Zero Bugs @ProjectZeroBugs
37K Followers 0 Following A bot that posts the latest blog posts and disclosures from Google's Project Zero
simo @_simo36
7K Followers 126 Following
SentinelOne @SentinelOne
58K Followers 1K Following ONE autonomous platform to prevent, detect, respond, and hunt. Do more, save time, secure your enterprise: https://t.co/N75g1HAnCs 🐱💻
Stephen Sims @Steph3nSims
26K Followers 861 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/4neOSsnCQ8
OffSec @offsectraining
329K Followers 118 Following Empowering the world to fight cyber threats with indispensable cybersecurity skills and resources. Support queries: https://t.co/HtFpqjjlRZ
slinafirinne @slinafirinne
1K Followers 265 Following Security Researcher (macOS & iOS) with the occasional post about golf.
johnny @zeroxjf
4K Followers 166 Following iOS & MacOS Researcher (AI-Assisted). https://t.co/4vu4rvK5b5
fellrunningguide @fellrunningguid
7K Followers 741 Following Coaching & navigation training for trail and fell runners. UK Athletics coach. V50 V60 English champion fell runner. Bob Graham, Paddy Buckley & Ramsay Rounds.
Jamf Threat Labs @JamfThreatLabs
205 Followers 29 Following Mac security research and threat hunting team. Sharing findings discovered by @JamfThreatLabs at @JamfSoftware.
Alex Moshkov @amoshkov
2K Followers 1K Following Community Bro @ 🟥 Positive Technologies / @PTSWARM / @ptdbugs / @StandoffBB / #PHTalks / #PHDays / #PHCamp
daem0nc0re @daem0nc0re
6K Followers 203 Following Ph.D. in Physics, Kernel / Hardware Security, Microsoft MVP
Cleo Abram @cleoabram
78K Followers 978 Following Video journalist making optimistic science and tech explainers. HUGE* If True. Watch: https://t.co/EI32Qgtigc
awesome_visuals @awesome_visuals
108K Followers 73 Following AI Explorer • Wacky Original Content Affiliate @RunwayML • CPP @topazlabs
Speedyfriend67 @speedyfriend433
3K Followers 7K Following Owner of Flero Client, Apple Bug Hunter | https://t.co/rnAAL7kzYY | https://t.co/My3XKpGGWD
Chris Wysopal @WeldPond
55K Followers 1K Following Hacker. Co-founder/CTO Veracode. Former L0pht security researcher. GenAI Auto-repair of vulns is the future @weld.bsky.social @[email protected]
Chris Thompson @_Mayyhem
3K Followers 487 Following Senior Security Researcher @SpecterOps https://t.co/Sz5fRYkX6u
[email protected]... @daviddiaul
1K Followers 3K Following Security Guy. All posts are my own and do not represent the opinions of my employer etc. @[email protected]
Sami Laiho @samilaiho
31K Followers 694 Following Chief Research Officer (opinions are my own) / #1 & #2 at Ignite 2018 / Best Session - NIC x 5 / MVP Windows OS / https://t.co/YcBqnFRmjZ / PluralsightAuthor
Alexandre Borges @ale_sp_brazil
31K Followers 169 Following iOS, Chrome and Android security researcher | Exploit Developer
Kuba Gretzky @mrgretzky
17K Followers 754 Following Creator of Evilginx - Reverse Proxy Phishing Framework for Red Teams: https://t.co/hPg644CTnM
Kostas @Kostastsale
20K Followers 383 Following I like building things that solve real problems, working across cybersecurity, product, and research | 🇬🇷🇨🇦
Michael Reeves @IntegralPilot
960 Followers 54 Following Teenage security researcher & systems developer. CVE-2025-43539, making rustc_codegen_jvm, working on Asahi Linux https://t.co/0NPoFmrES7 🇦🇺
Knightama @knightama
78K Followers 997 Following /// Filmmaker /// Creator of https://t.co/8Bg89xJ4dB /// Creative Partner @dreamina_ai | @capcutapp | @mulan_ai_
John Woodman @JohnWoodman15
587 Followers 395 Following @Mandiant consultant | https://t.co/2vEK0dpwNN | https://t.co/Q3OKimQNfL
Zeyad_Azima @AzimaZeyad
422 Followers 73 Following Exploit Developer | Going beyond buffer overflow.
Jordan Wiens @psifertex
6K Followers 1K Following Worst developer among many good ones making https://t.co/XCCx7ED5uf
Duy Tran @khanhduytran0
13K Followers 294 Following AngelAuraMC(was @PLaunchTeam),LiveContainer; mess w/ iOS internals. JB repo: https://t.co/2ytwlbwGIx [email protected] https://t.co/6W1ngT0prC
ulexec @ulexec
3K Followers 288 Following
Morris Richman @morrisinlife
593 Followers 366 Following @codevapor fan. I make cool apps and swift packages. Swift Student Challenge Winner. Cybersecurity Researcher. Views are my own.
Alex Rad @defendtheworld
2K Followers 1K Following On a mission to make networking secure and simple. https://t.co/NnoAMwpuYA
NinjaLikesCheez @NinjaLikesCheez
1K Followers 697 Following Destroyer of dreams. Maintainer of dissident's shitty code. Clutch Developer. Security & Tech mainly, with a hint of personal rage.
Donncha Ó Cearbhaill @DonnchaC
6K Followers 5K Following Head of Security Lab at @AmnestyTech - Hunting spyware and unlawful surveillance targeting civil society (He/Him) - Fedi: @[email protected]
Indigo 〰 @indigo79x
107 Followers 2K Following Happiness at dawn, Apple VR at dusk. Take a walk outside your head.
dinosaurlover38 @_dinolover38
773 Followers 173 Following 0-day monkey | IBM X-Force Offensive Research (XOR)
Vigilant Labs @vigilant_labs
3K Followers 3 Following Official account of Vigilant Labs (https://t.co/PzW4HkfAwd).
Søren Theilgaard @theilgaard
242 Followers 1K Following Interested in @apple, #privacy, and #InfoSec. Father of 4. Helping businesses manage their Apple devices.👍 Human Rights. @[email protected].
Attila Szasz @4ttil4sz1a
306 Followers 726 Following security researcher, aficionado of theoretical CS and program analysis, player of 🎹 and 🎸. connoisseur of class 4 scrambling & technical hikes⛰️
Nathan @calysteon
51 Followers 122 Following
Advance-sec @advance_sec0
974 Followers 711 Following Advance-sec platform: is leader in acquisition of vulnerabilities and 0day exploits. Email: [email protected] Wire: @advance_sec Telegram: @advance_secur
✨_geeknik_//✨ @geeknik
20K Followers 7K Following Human Co-Founder & CTO⇢https://t.co/JDh2Hm96vA A mad scientist with a penchant for chaos. Fuzzing from kernelspace➠uncanny valley. Latest: CVE-2026-27477
Nateinthewild | Nate ... @nateinthewild
20K Followers 1K Following Photographer/filmmaker, Sunrise Aficionado, Nature Slut.
John Williams Fan Net... @JWFancom
1K Followers 51 Following Official account of the John Williams Fan Network - JWFanTrends for United States
You might like
Patrick Wardle
@patrickwardle
41K Followers
Alexandre Borges
@ale_sp_brazil
31K Followers
offensivecon
@offensive_con
28K Followers
REcon
@reconmtl
18K Followers
Objective-See Foundat...
@objective_see
19K Followers
Ori Damari
@0xrepnz
7K Followers
RET2 Systems
@ret2systems
12K Followers
Orange Tsai 🍊
@orange_8361
64K Followers
Chetan Nayak (Brute R...
@NinjaParanoid
32K Followers
Adam Chester 🏴�...
@_xpn_
38K Followers
Samuel Groß
@5aelo
25K Followers
Mickey Jin
@patch1t
5K Followers
Pavel Yosifovich
@zodiacon
15K Followers
Wojciech Reguła
@_r3ggi
6K Followers
Alisa Esage Шевч�...
@alisaesage
41K Followers