Draining Your Credentials From Popular MacOS Password Managers - Wojciech Regula

Nullcon Goa 2025 · Main Stage

Wojciech Regula's Nullcon talk, "Broken Isolation: Draining Your Credentials From Popular MacOS Password Managers," is a critical examination of macOS security that aims to dispel common misconceptions and expose vulnerabilities in widely used third-party applications. Regula, a seasoned macOS and iOS security researcher, argues that many developers and users erroneously equate macOS's security model with that of Linux, which leads to a fundamental misunderstanding of its isolation mechanisms. The talk sets out to re-educate the audience on the distinct architecture and security paradigms of macOS.

AI review

Regula delivers concrete, reproducible attack chains against five named password managers using a coherent framework — macOS same-UID isolation is misunderstood, here's exactly how that gets exploited. The demos are differentiated by attack class (dylib injection, missing Hardened Runtime, Electron fuses, protocol spoofing, browser automation), not just the same trick five times, which shows genuine research breadth.
