Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช

@mysk
3K Followers
170 Following
1.1K Posts
We're two #iOS developers and occasional #security researchers on two continents. #CyberSecurity ๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช
Xhttps://x.com/mysk_co
Bloghttps://mysk.blog
YouTubehttps://youtube.com/@mysk
Old Mastodonhttps://defcon.social/@mysk
Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช1d ago
Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช1d ago
Oh, this Google slop extends to other languages. Here's looking up "ignorieren", German for "to ignore" ๐Ÿ˜‚๐Ÿ˜‚
Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช1d ago
Oh, this Google slop extends to other languages. Here's looking up "ignorieren", German for "to ignore" ๐Ÿ˜‚๐Ÿ˜‚
Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช1d ago

FYI: FaceTime calls expose your IP to other participants. In Settings โ†’ Privacy & Security โ†’ App Privacy Report you can see recent call IPs, and others can see yours. Unlike Signal and WhatsApp, Apple offers no option to relay calls through its servers to hide your IP

#privacy #infosec #security #Apple #iOS

Show threadMysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช3d ago

Same experiment on iOS:

https://mastodon.social/@mysk/116483005277532812

Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช3d ago
iOS 0
Android 1
On Android, it is possible to update a VPN app while its tunnel is active and still get no traffic leaks ๐Ÿ‘
Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช4d ago
Mysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช5d ago

๐Ÿ“๐Ÿšจ New blog post: How a bug in Archive Utility allowed access to protected app data (including iMessage and WhatsApp chats, and Safari cookies) without any permissions.

The bug could also be exploited to hijack installed apps such as Signal and 1Password to perform phishing attacks.

Apple fixed the issue in macOS 26.4 as CVE-2026-28910, five months after we reported it

#Apple #macOS #privacy #security #cybersecurity #infosec

https://mysk.blog/2026/05/19/cve-2026-28910

Show threadMysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช5d ago

macOS Bug Lets Attackers Hijack Background Apps to Spy on Clipboard โ€” Fixed in 26.4 (CVE-2026-28910)

https://m.youtube.com/watch?v=NUm5068G5eM

macOS Bug Lets Attackers Hijack Background Apps to Spy on Clipboard โ€” Fixed in 26.4 (CVE-2026-28910)

YouTube
Show threadMysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช5d ago

macOS Security: Archive Utility bug can expose Safari, Messages, and WhatsApp data - CVE-2026-28910

https://m.youtube.com/watch?v=Naq5IojVoNs

macOS Security: Archive Utility bug can expose Safari, Messages, and WhatsApp data - CVE-2026-28910

YouTube
Show threadMysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช5d ago

macOS Security: Archive Utility Bug Could Expose 1Password Secrets โ€” Fixed in 26.4 (CVE-2026-28910)

https://m.youtube.com/watch?v=Hp5NLDtxmzo

macOS Security: Archive Utility Bug Could Expose 1Password Secrets โ€” Fixed in 26.4 (CVE-2026-28910)

YouTube
Show threadMysk๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฉ๐Ÿ‡ช5d ago

macOS Archive Utility Bug Could Let Attackers Hijack Signal Sessionsโ€”Fixed in 26.4 (CVE-2026-28910)

https://m.youtube.com/watch?v=WuH0pIE7j2Y

macOS Archive Utility Bug Could Let Attackers Hijack Signal Sessionsโ€”Fixed in 26.4 (CVE-2026-28910)

YouTube