A Safari exploit for iOS 11.3.1 has been released; it obtains tfp0 from the WebContent sandbox using two known vulnerabilities (CVE-2018-4233, CVE-2018-4243).
Frick is a kick-ass Frida CLI for reverse engineering, inspired by the epic GDB init gef by @hugsy, with a command design similar to uDdbg.
I will also be publishing a better write-up in the coming days. Lastly, the contents of the following write-up are under the CC-BY-SA 2.0. You're welcome to use this for whatever you wish, as long as you give credit in an end-user accessible manner, and include a link back to this post if you can (I know you can).
GnuPG, Enigmail, GPGTools and potentially other applications using GnuPG can be attacked with in-band signaling similar to phreaking phone lines in the 1970s (“Cap’n Crunch”). We demonstrate this by creating messages that appear to be signed by arbitrary keys.
Chainspotting! Building Exploit Chains with Logic Bugs.
MacOS/iOS kernel heap overflow due to lack of lower size check in getvolattrlist
Here you can find write-ups for iOS vulnerabilities that have been released.