bug-bounty458
google364
microsoft314
facebook272
xss250
apple179
malware176
rce165
exploit141
cve111
account-takeover104
bragging-post101
phishing84
privilege-escalation81
csrf81
supply-chain68
stored-xss65
authentication-bypass63
dos63
browser62
reflected-xss57
react54
cloudflare51
reverse-engineering49
cross-site-scripting48
input-validation48
aws48
docker47
node47
access-control47
smart-contract45
web343
ethereum43
sql-injection43
web-security42
ssrf42
defi42
web-application41
oauth37
writeup37
race-condition36
burp-suite35
vulnerability-disclosure34
info-disclosure34
idor34
html-injection33
cloud33
auth-bypass33
lfi32
smart-contract-vulnerability32
0
3/10
A researcher reports detection of anomalous mesh networking activity across iOS devices, including APNs redirection to non-Apple ASNs, persistent P2P tunneling on non-standard ports, and globally distributed clusters, discovered through TraceV3 binary log analysis.
ios-security
mesh-network
network-analysis
protocol-hijacking
apns-redirection
p2p-networking
traffic-analysis
binary-parsing
routing-anomalies
threat-tracking
exfiltration
Joseph Goydish II
Bill Woodcock
NANOG
Google GSLB
TraceV3
0
7/10
Bypass of Touch ID authentication in Evernote and Dropbox iOS apps using Frida runtime instrumentation to intercept and flip the LAContext evaluatePolicy boolean return value from false to true via the objection framework's ios ui biometrics_bypass command.
ios-security
biometric-bypass
touch-id
frida
objection
jailbreak
authentication-bypass
mobile-app-security
runtime-manipulation
checkra1n
Evernote
Dropbox
Frida
Objection
checkra1n
LAContext
Secure Enclave
Sahil Tikoo
iPhone 6S
iOS 13.3.1