frontpage.

This article is a deep technical dive into custom macOS malware development, centered on building a self-mutating loader using Mach-O internals and native Darwin APIs. It details the architecture of a polymorphic engine divided into two phases: a parent process responsible for payload mutation and re-encryption, and a mutant process that executes the evolved code. The piece explores techniques such as fileless execution, runtime mutation, in-memory encryption, and command-and-control via dead-drop, all implemented entirely through native APIs and low-level Mach-O manipulation.

https://0xf00sec.github.io/0x22

How to pick the AI agents worth building

DeepSeek V4 Peak Valley Pricing Change

Frontier Code (AI coding benchmark)

Is the Age of Anthropic and OpenAI Over

Show HN: Bbl – a command line Bible to read and search, 26 langauges, offline

Are you in AI answers? Find out and fix it in minutes

Wick or Band drains – drain water from wet soil to prepare for building

A Baby Formula Probe Produced a Pile of Evidence. Then the DOJ Dropped the Case

Sling CLI – Open-source tool for fast data ingestion and replication

Show HN: Wander – one button, one good page at a time, surf the open web

Caffeinated and decaffeinated coffee lower stress, depression and impulsivity

South Korea plans to train military as "drone warriors"

Opening of a trial for planned obsolescence against Epson: a historic first step

Google's new hand-wave reCAPTCHA can be bypassed with a stock photo

AI and the Collapse of the Www

Not just for rich people: the progressive case for air conditioning

DeepSeek v4 Releasing Mid July

Compile differentiable audio models to real-time DSP

Yeasound RIC800 Hearing Aids Review: Good Audio, Glitchy App

My Mac timeline app got MCP. Cron to vector DB was the real use

NASA's X-59 "frankenjet" tests supersonic flight without the sonic boom

The Next Chapter of PrimeTek

GitHub Copilot – 5 years ago today (2021)

Gatekeeping the Frontier: When AI Access Becomes a National Security Concern

Tell HN: Delete Google

Expo adds AgeRange module wrapping Apple and Google age-verification APIs

Radiology's Last Exam (RadLE)

The CEO of Mullvad is the main financer of the far-right Swedish Örebro party

Show HN: Re:Zero – Start building from zero

Ask HN: GLM-5.2 FP8 vs. BF16

macOS Malware Development II