[ Android ]  Android - IOMXNodeInstance::enableNativeBuffers unchecked index https://bugs.chromium.org/p/project-zero/issues/detail?id=932

[ iOS ]  idb - iOS App Security Assessment Tool http://www.kitploit.com/2016/12/idb-ios-app-security-assessment-tool.html

[ macOS ]  Abusing the Mac Recovery & OS Update Process : https://speakerdeck.com/patrickwardle/syscan360-2016-abusing-the-mac-recovery-and-os-update-process (Slides) cc @ patrickwardle

[ macOS ]  0day SIP bypass → subvert the OS or install malware in an 'undeletable' manner ? ? https://objective-see.com/blog/blog_0x14.html #0day #SIPbypass #SharingIsCaring

[ macOS ]  via @mikeymikey mac admins have prev 'abused' El Capitan Installer to bypass SIP for custom deployments https://t.co/pZqQQ7WDU1 great read!

[ MalwareAnalysis ]  Shamoon2 malware samples: https://www.dropbox.com/s/ihunhfmtfol2l6t/shamoon2.zip?dl=1 password: infect3d -has embedded creds for General Auth of Civil Aviation Saudi Arabia :/

[ Others ]  New post: One Bit To Rule A System: Analyzing CVE-2016-7255 Exploit In The Wild http://bit.ly/2gGXiNF @ TrendMicro

[ Pentest ]  pentest All in one place for pentesters : #python #shellcode #exploit #writeup #bruteforce and more Author: @jivoi https://t.co/7NHcR6L835

[ Windows ]  Microsoft Edge: Info Leak in JSON.parse https://bugs.chromium.org/p/project-zero/issues/detail?id=952