frontpage.

This article is a deep technical dive into custom macOS malware development, centered on building a self-mutating loader using Mach-O internals and native Darwin APIs. It details the architecture of a polymorphic engine divided into two phases: a parent process responsible for payload mutation and re-encryption, and a mutant process that executes the evolved code. The piece explores techniques such as fileless execution, runtime mutation, in-memory encryption, and command-and-control via dead-drop, all implemented entirely through native APIs and low-level Mach-O manipulation.

https://0xf00sec.github.io/0x22

Airbnb poaches Meta GenAI leader to be new CTO

Show HN: Nanobanana Pro – AI image generator that renders perfect text

My AI got a GitHub account

Device that may be tied to "Havana Syndrome" obtained by U.S. government

Maximally Semantic Structure for a Blog Post

Show HN: Teker – Free, offline PE analysis tool with risk scoring (C++/Qt6)

A new generation of Chinese companies is expanding around the world

Silent Quitting Reveals a Broken Feedback Loop in Modern Organizations(2025)

The Art of Craftsmanship (Monozukuri) in the Age of AI

Glide: A tiling window manager for macOS

Show HN: BillingEngine, AI Stripe Revenue Leak Diagnostic 5 min, $99 one-time

Whistleblower drops 'largest ever' ICE leak to unmask agents

Show HN: ChordsCrush, a free musical chord training game

Mailchimp Free Plan Changes

What Founders Need to Know Before Building Their First AI Agent

UK police blame Microsoft Copilot for intelligence mistake

If your game is releasing soon and you need creator marketing, I'd like to help

Google Pixel development moving out of China

We're all going to die, thanks to AI

Tell HN: When launching products who/where your audience is matters

The PICO-8 fantasy console

. Looking for feedback on an AI interview screening demo

Losing American Data

When Asking Is Easy (and Answering Isn't)

Show HN: Unbubble News – analyze bias and verify facts for any news article

The Web Pipe Programming Language

Light Lab

Ask HN: Why are software developers not using Background coding agents?

Show HN: Commentix – A lightweight, customizable alternative to Disqus

Just the Browser

macOS Malware Development II