Here is some resources about macOS/iOS system security.

exploit writeup

https://blog.pangu.io/

https://starlabs.sg/advisories/

https://bugs.chromium.org/p/project-zero/issues/list

https://talosintelligence.com/vulnerability_reports#disclosed

CVE	modules	POC/writeup link
CVE-2014-8826	LaunchServices	https://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html
CVE-2015-????	Kernel	https://github.com/kpwn/tpwn
CVE-2016-????	XPC	https://marcograss.github.io/security/apple/xpc/2016/06/17/containermanagerd-xpc-array-oob.html
CVE-2016-1758&CVE-2016-1828	Kernel	https://bazad.github.io/2016/05/mac-os-x-use-after-free/
CVE-2016-1824	IOHIDFamily	https://marcograss.github.io/security/apple/cve/2016/05/16/cve-2016-1824-apple-iohidfamily-racecondition.html
CVE-2016-1825	IOHIDFamily	https://bazad.github.io/2017/01/physmem-accessing-physical-memory-os-x/
CVE-2016-1865	Kernel	https://marcograss.github.io/security/apple/cve/2016/07/18/cve-2016-1865-apple-nullpointers.html
CVE-2016-1722	syslogd	https://blog.zimperium.com/analysis-of-ios-os-x-vulnerability-cve-2016-1722/
CVE-2016-1757	Kernel	https://googleprojectzero.blogspot.com/2016/03/race-you-to-kernel.html http://turingh.github.io/2016/04/03/CVE-2016-1757%E7%AE%80%E5%8D%95%E5%88%86%E6%9E%90/ https://turingh.github.io/2016/04/19/CVE-2016-1757%E5%88%A9%E7%94%A8%E7%A8%8B%E5%BA%8F%E5%88%86%E6%9E%90/
CVE-2016-4633	Intel Graphics Driver	https://marcograss.github.io/security/apple/cve/2016/07/21/cve-2016-4633-apple-graphics-another-osx-bug.html
CVE-2016-4673	CoreGraphics	https://marcograss.github.io/security/apple/cve/macos/ios/2016/11/21/cve-2016-4673-apple-coregraphics.html
CVE-2016-7595	CoreText	https://security.tencent.com/index.php/blog/msg/111
CVE-2017-13861	IOSurface	https://siguza.github.io/v0rtex/ https://paper.seebug.org/472/
CVE-2017-13868	Kernel	https://bazad.github.io/2018/03/a-fun-xnu-infoleak/
CVE-2018-4124	CoreText	https://blog.zecops.com/vulnerabilities/analyzing-the-ios-telugu-crash-part-i/
CVE-2018-4184	sandbox	https://ubrigens.com/posts/linking_a_microphone.html
CVE-2018-4185	Kernel	https://bazad.github.io/2018/04/kernel-pointer-crash-log-ios/
CVE-2018-4229&CVE-2020-3854	sandbox	https://ubrigens.com/posts/sandbox_initialisation_bypasses.html
CVE-2018-4248	libxpc	https://bazad.github.io/2018/07/xpc-string-leak/
CVE-2018-4280	libxpc	https://github.com/bazad/blanket
CVE-2018-4331&CVE-2018-4332&CVE-2018-4343	Heimdal	https://bazad.github.io/2018/11/introduction-userspace-race-conditions-ios/
CVE-2018-4346	Dictionary	https://www.securing.pl/en/secure-implementation-of-webview-in-ios-applications/
CVE-2018-4407	kernel	https://securitylab.github.com/research/apple-xnu-icmp-error-CVE-2018-4407
CVE-2018-4415	CoreAnimation	https://ssd-disclosure.com/ssd-advisory-ios-macos-safari-sandbox-escape-via-quartzcore-heap-overflow/
CVE-2018-4431	Kernel	https://ssd-disclosure.com/ssd-advisory-ios-macos-kernel-task_inspect-information-leak/
CVE-2019-6225	Kernel	https://blogs.360.cn/post/IPC%20Voucher%20UaF%20Remote%20Jailbreak%20Stage%202.html https://googleprojectzero.blogspot.com/2019/08/in-wild-ios-exploit-chain-5.html https://googleprojectzero.blogspot.com/2019/01/voucherswap-exploiting-mig-reference.html http://highaltitudehacks.com/2020/06/01/from-zero-to-tfp0-part-1-prologue/ http://highaltitudehacks.com/2020/06/01/from-zero-to-tfp0-part-2-a-walkthrough-of-the-voucher-swap-exploit/
CVE-2019-6231	CoreAnimation	https://www.fortinet.com/blog/threat-research/detailed-analysis-of-macos-ios-vulnerability-cve-2019-6231
CVE-2019–6238	xar	https://yilmazcanyigit.medium.com/cve-2019-6238-apple-xar-directory-traversal-vulnerability-9a32ba8b3b7d
CVE-2019-8507	CoreAnimation	https://www.fortinet.com/blog/threat-research/detailed-analysis-mac-os-vulnerability-cve-2019-8507
CVE-2019-8549	Power Management	https://ssd-disclosure.com/ssd-advisory-ios-powerd-uninitialized-mach-message-reply-to-sandbox-escape-and-privilege-escalation/
CVE-2019-8561	PackageKit	https://0xmachos.com/2021-04-30-CVE-2019-8561-PoC//
CVE-2019-8605	Kernel	https://googleprojectzero.blogspot.com/2019/12/sockpuppet-walkthrough-of-kernel.html https://github.com/jakeajames/sock_port http://blog.asm.im/2019/11/17/Sock-Port-%E6%BC%8F%E6%B4%9E%E8%A7%A3%E6%9E%90%EF%BC%88%E4%B8%80%EF%BC%89UAF-%E4%B8%8E-Heap-Spraying/ http://blog.asm.im/2019/11/24/Sock-Port-%E6%BC%8F%E6%B4%9E%E8%A7%A3%E6%9E%90%EF%BC%88%E4%BA%8C%EF%BC%89%E9%80%9A%E8%BF%87-Mach-OOL-Message-%E6%B3%84%E9%9C%B2-Port-Address/ http://blog.asm.im/2019/12/01/Sock-Port-%E6%BC%8F%E6%B4%9E%E8%A7%A3%E6%9E%90%EF%BC%88%E4%B8%89%EF%BC%89IOSurface-Heap-Spraying/ http://blog.asm.im/2019/12/08/Sock-Port-%E6%BC%8F%E6%B4%9E%E8%A7%A3%E6%9E%90%EF%BC%88%E5%9B%9B%EF%BC%89The-tfp0/
CVE-2019-8635	AMD	https://www.trendmicro.com/en_us/research/19/f/cve-2019-8635-double-free-vulnerability-in-apple-macos-lets-attackers-escalate-system-privileges-and-execute-arbitrary-code.html
CVE-2019-8656	autofs	https://www.fcvl.net/vulnerabilities/macosx-gatekeeper-bypass
CVE-2019-8761	UIFoundation	https://www.paulosyibelo.com/2021/04/this-man-thought-opening-txt-file-is.html
CVE-2019-8794&CVE-2019-8795&CVE-2019-8797	Kernel&AVEVideoEncoder&Audio	https://ssd-disclosure.com/ssd-advisory-via-ios-jailbreak-sandbox-escape-and-kernel-r-w-leading-to-rce/
CVE-2020-3847&CVE-2020-3848	CoreBluetooth	https://blogs.360.cn/post/macOS_Bluetoothd_0-click.html
CVE-2020-3852&CVE-2020-3864&CVE-2020-3865&CVE-2020-3885&CVE-2020-3887&CVE-2020-9784&CVE-2020-9787	safari&webkit	https://www.ryanpickren.com/webcam-hacking
CVE-2020-3919	IOHIDFamily	https://alexplaskett.github.io/CVE-2020-3919/
CVE-2020-9771	sandbox	https://theevilbit.github.io/posts/cve_2020_9771/ https://theevilbit.github.io/posts/reversing_cve_2020_9771/
CVE-2020-9817	PackageKit	https://research.nccgroup.com/2020/07/02/technical-advisory-macos-installer-local-root-privilege-escalation-cve-2020-9817/
CVE-2020-9854	Security	https://a2nkf.github.io/unauthd_Logic_bugs_FTW/
CVE-2020-9934	CoreFoundation	https://medium.com/@mattshockl/cve-2020-9934-bypassing-the-os-x-transparency-consent-and-control-tcc-framework-for-4e14806f1de8
CVE-2020-9964	IOSurfaceAccelerator	https://muirey03.blogspot.com/2020/09/cve-2020-9964-ios-infoleak.html
CVE-2020-9967	Kernel	https://alexplaskett.github.io/CVE-2020-9967/
CVE-2020-9968	sandbox	https://blog.xpnsec.com/we-need-to-talk-about-macl/
CVE-2020-9971	libxpc	https://xlab.tencent.com/en/2021/01/11/cve-2020-9971-abusing-xpc-service-to-elevate-privilege/
CVE-2020-9979	Assets	https://blog.chichou.me/2020/08/06/x-site-escape-part-ii-look-up-a-shell-in-the-dictionary/
CVE-2020-9992	IDE Device Support	https://blog.zimperium.com/c0ntextomy-lets-debug-together-cve-2020-9992/
CVE-2020-27897	Kernel	https://www.zerodayinitiative.com/blog/2020/12/9/cve-2020-27897-apple-macos-kernel-oob-write-privilege-escalation-vulnerability
CVE-2020-27932	Kernel	https://worthdoingbadly.com/specialreply/
CVE-2020-27935	XNU	https://github.com/LIJI32/SnatchBox
CVE-2020-27949	Kernel	https://github.com/seemoo-lab/dtrace-memaccess_cve-2020-27949
CVE-2020-27950	Kernel	https://www.synacktiv.com/publications/ios-1-day-hunting-uncovering-and-exploiting-cve-2020-27950-kernel-memory-leak.html
CVE-2020-9900&CVE-2021-1786	Crash Reporter	https://theevilbit.github.io/posts/macos_crashreporter/
CVE-2020-9905	Kernel	https://blog.zecops.com/vulnerabilities/from-a-comment-to-a-cve-content-filter-strikes-again/
CVE-2020–9922	Mail	https://mikko-kenttala.medium.com/zero-click-vulnerability-in-apples-macos-mail-59e0c14b106c
CVE-2020-10005&CVE-2021-1878&CVE-2021-30712&CVE-2021-30716&CVE-2021-30717&CVE-2021-30721&CVE-2021-30722	smbx	https://blog.talosintelligence.com/vuln-spotlight-smb-mac-deep-dive/
CVE-2021-1740&CVE-2021-30855&CVE-2021-30995	Preferences	https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/ https://www.trendmicro.com/en_us/research/22/a/analyzing-an-old-bug-and-discovering-cve-2021-30995-.html
CVE-2021-1747	CoreAudio	https://mp.weixin.qq.com/s/9dmQH4qIw95Gsx92wLSr6w
CVE-2021-1757	IOSkywalkFamily	https://github.com/b1n4r1b01/n-days/tree/main/CVE-2021-1757
CVE-2021-1782	Kernel	https://github.com/ModernPwner/cicuta_virosa https://www.synacktiv.com/publications/analysis-and-exploitation-of-the-ios-kernel-vulnerability-cve-2021-1782
CVE-2021-1810	Archive Utility	https://labs.withsecure.com/publications/the-discovery-of-cve-2021-1810 https://labs.withsecure.com/publications/analysis-of-cve-2021-1810-gatekeeper-bypass
CVE-2021-1815	Preferences	https://www.offensive-security.com/offsec/macos-preferences-priv-escalation/
CVE-2021-30655	Wi-Fi	https://wojciechregula.blog/post/press-5-keys-and-become-root-aka-cve-2021-30655/
CVE-2021-30657	System Preferences	https://objective-see.com/blog/blog_0x64.html
CVE-2021-30659	CoreFoundation	https://sector7.computest.nl/post/2022-08-process-injection-breaking-all-macos-security-layers-with-a-single-vulnerability/
CVE-2021-30660	Kernel	https://alexplaskett.github.io/CVE-2021-30660/
CVE-2021-30713	TCC	https://www.jamf.com/blog/zero-day-tcc-bypass-discovered-in-xcsset-malware/
CVE-2021-30724	CVMS	https://gist.github.com/jhftss/1bdb0f8340bfd56f7f645c080e094a8b https://www.trendmicro.com/en_us/research/21/f/CVE-2021-30724_CVMServer_Vulnerability_in_macOS_and_iOS.html
CVE-2021-30734&CVE-2021-30735	WebKit&Graphics Drivers	https://github.com/ret2/Pwn2Own-2021-Safari
CVE-2021-30740&CVE-2021-30768&CVE-2021-30769&CVE-2021-30770&CVE-2021-30773	Kernel&dyld&Identity Service	https://github.com/LinusHenze/Fugu14
CVE-2021-30798	TCC	https://jhftss.github.io/CVE-2021-30798-TCC-Bypass-Again-Inspired-By-XCSSET/
CVE-2021-30807	IOMobileFrameBuffer	https://saaramar.github.io/IOMobileFrameBuffer_LPE_POC/
CVE-2021-30833	xar	https://research.nccgroup.com/2021/10/28/technical-advisory-apple-xar-arbitrary-file-write-cve-2021-30833/
CVE-2021-30853	GateKeeper	https://objective-see.com/blog/blog_0x6A.html
CVE-2021-30860	CoreGraphics	https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
CVE-2021-30861&CVE-2021-30975	Script Editor&WebKit	https://www.ryanpickren.com/safari-uxss
CVE-2021-30864	LaunchServices	https://perception-point.io/a-technical-analysis-of-cve-2021-30864-bypassing-app-sandbox-restrictions/
CVE-2021-30869	XNU	https://blog.google/threat-analysis-group/analyzing-watering-hole-campaign-using-macos-exploits/
CVE-2021-30883	IOMobileFrameBuffer	https://saaramar.github.io/IOMFB_integer_overflow_poc/
CVE-2021-30892	zsh	https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
CVE-2021-30902	Voice Control	https://blog.zecops.com/research/use-after-free-in-voice-control-cve-2021-30902/
CVE-2021-30955	Kernel	https://www.cyberkl.com/cvelist/cvedetail/24 https://github.com/tihmstar/desc_race-fun_public https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa9575149a8aa
CVE-2021-30970	TCC	https://www.microsoft.com/security/blog/2022/01/10/new-macos-vulnerability-powerdir-could-lead-to-unauthorized-user-data-access/
CVE-2021-30990	LaunchServices	https://ronmasas.com/posts/bypass-macos-gatekeeper
CVE-2022-22582	xar	https://research.nccgroup.com/2022/03/15/technical-advisory-apple-macos-xar-arbitrary-file-write-cve-2022-22582/
CVE-2022-22616	Safari Downloads	https://jhftss.github.io/CVE-2022-22616-Gatekeeper-Bypass/
CVE-2022-22639	SoftwareUpdate	https://www.trendmicro.com/en_us/research/22/d/macos-suhelper-root-privilege-escalation-vulnerability-a-deep-di.html
CVE-2022-22655	TCC	https://theevilbit.github.io/posts/cve-2022-22655/
CVE-2022-22660	System Preferences	https://rambo.codes/posts/2022-03-15-how-a-macos-bug-could-have-allowed-for-a-serious-phishing-attack-against-users
CVE-2022-26696	Terminal	https://wojciechregula.blog/post/macos-sandbox-escape-via-terminal/
CVE-2022-26706	LaunchServices	https://www.microsoft.com/security/blog/2022/07/13/uncovering-a-macos-app-sandbox-escape-vulnerability-a-deep-dive-into-cve-2022-26706/
CVE-2022-26712	PackageKit	https://jhftss.github.io/CVE-2022-26712-The-POC-For-SIP-Bypass-Is-Even-Tweetable/
CVE-2022-26743	Kernel	https://pwning.systems/posts/easy-apple-kernel-bug/
CVE-2022-26766&CVE-2022-26763	CoreTrust&DriverKit	https://worthdoingbadly.com/coretrust/
CVE-2022-32787	ICU	https://ssd-disclosure.com/ssd-advisory-apple-safari-icu-out-of-bounds-write/
CVE-2022-32816	WebKit	https://ssd-disclosure.com/ssd-advisory-apple-safari-idn-url-spoofing/
CVE-2022-32832	APFS	https://github.com/Muirey03/CVE-2022-32832
CVE-2022-32883	Maps	https://github.com/breakpointHQ/CVE-2022-32883
CVE-2022-32895	PackageKit	https://www.trendmicro.com/en_us/research/22/k/cve-2019-8561-a-hard-to-banish-packagekit-framework-vulnerabilit.html
CVE-2022-32902	ATS	https://jhftss.github.io/CVE-2022-32902-Patch-One-Issue-and-Introduce-Two/
CVE-2022-32910	Archive Utility	https://www.jamf.com/blog/jamf-threat-labs-macos-archive-utility-vulnerability/
CVE-2022-32929	Backup	https://theevilbit.github.io/posts/cve-2022-32929/
CVE-2022-32845&CVE-2022-32899&CVE-2022-32948&CVE-2022-42805	Apple Neural Engine	https://github.com/0x36/weightBufs
CVE-2022-32898	Apple Neural Engine	https://0x36.github.io/CVE-2022-32898/
CVE-2022-32932	Apple Neural Engine	https://0x36.github.io/CVE-2022-32932/
CVE-2022-42821	Gatekeeper	https://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability/
CVE-2022-42837	iTunes Store	https://www.anquanke.com/post/id/284452
CVE-2022-42841	PackageKit	https://sector7.computest.nl/post/2023-01-xar/
CVE-2022-42845	Kernel	https://adamdoupe.com/blog/2022/12/13/cve-2022-42845-xnu-use-after-free-vulnerability-in-ndrv-dot-c/
CVE-2022-42864	IOHIDFamily	https://muirey03.blogspot.com/2023/01/cve-2022-42864-diabolical-cookies.html
CVE-2022-46689	Kernel	https://github.com/zhuowei/MacDirtyCowDemo
CVE-2023-23504	Kernel	https://adamdoupe.com/blog/2023/01/23/cve-2023-23504-xnu-heap-underwrite-in-dlil-dot-c/
CVE-2023-23513&CVE-2023-23539&CVE-2023-28180&CVE-2023-27934&CVE-2023-27935&CVE-2023-27953&CVE-2023-27958&CVE-2023-32387	dcerpc	https://blog.talosintelligence.com/weaknesses-mac-os-vmware-msrpc/
CVE-2023-23525	LaunchServices	https://jhftss.github.io/CVE-2023-23525-Get-Root-via-A-Fake-Installer/
CVE-2023-27941&CVE-2023-28200	Kernel	https://github.com/0x3c3e/slides/blob/main/2023/zer0con/README.md
CVE-2023-27943	LaunchServices	https://redcanary.com/blog/gatekeeper-bypass-vulnerabilities/
CVE-2023-27951	Archive Utility	https://redcanary.com/blog/gatekeeper-bypass-vulnerabilities/
CVE-2023-32364	AppSandbox	https://gergelykalman.com/CVE-2023-32364-a-macOS-sandbox-escape-by-mounting.html
CVE-2023-32369	libxpc	https://www.microsoft.com/en-us/security/blog/2023/05/30/new-macos-vulnerability-migraine-could-bypass-system-integrity-protection/
CVE-2023-32407	Metal	https://gergelykalman.com/lateralus-CVE-2023-32407-a-macos-tcc-bypass.html
CVE-2023-32422	SQLite	https://gergelykalman.com/sqlol-CVE-2023-32422-a-macos-tcc-bypass.html
CVE-2023-38571	Music	https://gergelykalman.com/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV.html
CVE-2023-41061&CVE-2023-41064	Wallet&ImageIO	https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
CVE-2023-42931	DiskArbitration	https://hackhunting.com/2024/04/05/easy-root-privilege-escalation-in-apple-macos-ventura-sonoma-monterey-cve-2023-42931/
CVE-2023-42942	libxpc	https://jhftss.github.io/CVE-2023-42942-xpcroleaccountd-Root-Privilege-Escalation/
CVE-2024-27822	PackageKit	https://khronokernel.com/macos/2024/06/03/CVE-2024-27822.html
multiple	lock screen bypass	https://blog.dinosec.com/2014/09/bypassing-ios-lock-screens.html

tools

Just some little dev tools to probe IOKit:

https://github.com/Siguza/iokit-utils

Dyld Shared Cache Support for BinaryNinja:

https://github.com/cxnder/bn-dyldsharedcache

iOS/MacOS Kernelcache/Extensions analysis tool:

https://github.com/lilang-wu/p-joker

Extract Binaries from Apple's Dyld Shared Cache:

https://github.com/arandomdev/DyldExtractor

An Application for Inspecting macOS Installer Packages:

https://mothersruin.com/software/SuspiciousPackage/

static analysis tool for analyzing the security of Apple kernel drivers:

https://github.com/alibaba-edu/Driver-Security-Analyzer

Coralsun is a small utility cython library used to provide python support for low level kernel features:

https://github.com/FSecureLABS/coralsun

Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research:

https://github.com/redcanaryco/mac-monitor

a set of developer tools that help in analyzing crashes on macOS:

CrashWrangler

crashwrangler with support for Apple Silicon:

https://github.com/ant4g0nist/crashwrangler

Reliable, open-source crash reporting for iOS, macOS and tvOS:

https://github.com/microsoft/plcrashreporter

fuzzers

public:

macOS 10.13 kernel fuzzer

https://github.com/FSecureLABS/OSXFuzz

binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM

https://github.com/ant4g0nist/ManuFuzzer

automate the generation of syscall specifications for closed-source macOS drivers and facilitate interface-aware fuzzing

https://github.com/seclab-ucr/SyzGen_setup

binary code-coverage fuzzer for Windows and macOS

https://github.com/googleprojectzero/Jackalope

a fork of XNU that contains support for fuzzing the network stack in userland on macOS and Linux-based hosts

https://github.com/googleprojectzero/SockFuzzer

fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode

https://github.com/SilverMoonSecurity/PassiveFuzzFrameworkOSX

patch honggfuzz to get coverage guided fuzzing of closed source libraries on macOS based on trap

https://github.com/googleprojectzero/p0tools/tree/master/TrapFuzz

patch honggfuzz to fuzz iOS library on M1 mac

https://github.com/googleprojectzero/p0tools/tree/master/iOSOnMac

patch that build WebKitGTK+ with ASAN and make some changes that make fuzzing easier

https://github.com/googleprojectzero/p0tools/tree/master/WebKitFuzz

AArch64 fuzzer based on the Apple Silicon hypervisor

https://github.com/Impalabs/hyperpom

private:

fuzz macOS kernel extension

KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations

Improving Mac OS X Security Through Gray Box Fuzzing Technique

fuzzer based on LLDB

Debug for Bug: Crack and Hack Apple Core by Itself

port syzkaller to macOS

Drill Apple Core: Up and Down - Fuzz Apple Core Component in Kernel and User Mode for Fun and Profit

conference

conference	link
blackhat asia 2021	Racing the Dark: A New TOCTTOU Story from Apple's Core
blackhat asia 2021	Apple Neural Engine Internal: From ML Algorithm to HW Registers
blackhat asia 2021	The Price of Compatibility: Defeating macOS Kernel Using Extended File Attributes
blackhat europe 2015	Attacking the XNU Kernel in El Capitan
blackhat usa 2021	20+ Ways to Bypass Your macOS Privacy Mechanisms
blackhat usa 2021	Everything has Changed in iOS 14,but Jailbreak is Eternal
blackhat usa 2021	Reverse Engineering the M1
blackhat usa 2021	Hack Different:Pwning iOS 14 With Generation Z Bugz
blackhat usa 2021	Wibbly Wobbly, Timey Wimey:What's Really Inside Apple's U1 Chip
CanSecWest 2016	Don't Trust Your Eye: Apple Graphics Is Compromised!
CanSecWest 2017	Port(al) to the iOS Core
CSS 2019	如何批量挖掘macOS/iOS内核信息泄漏漏洞
defcon26	Attacking the macOS Kernel Graphics Driver
defcon29	Caught you - reveal and exploit IPC logic bugs inside Apple
hexacon2022	Cinema time!
hexacon2022	More Tales from the iOS/macOS Kernel Trenches
hexacon2022	Attacking Safari in 2022
HITB AMS 2021	macOS local security:escaping the sandbox and bypassing TCC
HITB GSEC 2019	Recreating an iOS 0-day jailbreak out of Apple’s security patches
HITB SIN 2022	One-Click to Completely Take Over A macOS Device
ISC 2017	手把手教你突破 iOS 9.x 用户空间防护
mch2022	My journey to find vulnerabilities in macOS
Objective by the Sea	https://objectivebythesea.com/
syscan360 2016	Memory corruption is for wusies!