Log inSign up
Mickey Jin
306 posts
user avatar
Mickey Jin
@patch1t
Exploring the world with my sword of debugger : )
jhftss.github.io
Joined August 2013
268
Following
5,323
Followers

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    Mickey Jin
    @patch1t
    Feb 26
    Love the gifts from @Apple Product Security! ❤️❤️❤️
    68K
  • user avatar
    Mickey Jin
    @patch1t
    Apr 1, 2025
    I got 14 new Apple CVEs in this release😎
    user avatar
    ApplSec
    @ApplSec
    Mar 31, 2025
    🐛 NEW SECURITY CONTENT 🐛 💻 macOS Sequoia 15.4 - 131 bugs fixed 💻 macOS Sonoma 14.7.5 - 91 bugs fixed 💻 macOS Ventura 13.7.5 - 85 bugs fixed 📱 iOS and iPadOS 18.4 - 62 bugs fixed 🥽 visionOS 2.4 - 38 bugs fixed 📱 iPadOS 17.7.6 - 38 bugs fixed
    52K
  • user avatar
    Mickey Jin
    @patch1t
    Jul 30, 2025
    I just got 16 new CVEs in this new release 🤣🤣🤣
    34K
  • user avatar
    Mickey Jin
    @patch1t
    Nov 7, 2024
    As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog post: jhftss.github.io/A-New-Era-of-m… Slides: github.com/jhftss/jhftss.… Enjoy and find your own bugs 😎
    user avatar
    Mickey Jin
    @patch1t
    Sep 3, 2024
    Actually, 15+ new sandbox escape vulnerabilities discovered. All of them are simple logic issues. You may find your own sandbox 0-days by yourself after listening to this talk!🔥🔥🔥
    84K
  • user avatar
    Mickey Jin
    @patch1t
    Feb 20, 2025
    New 0 day dropped: jhftss.github.io/Parallels-0-da… Conclusion: 1. Don’t trust @thezdi , they are too late to handle our reports. One of my reports was submitted in 2024 Jan, but it is still not disclosed to the vendor. No reply from the ZDI yet! 2. Don’t trust the Parallels security!
    74K
  • user avatar
    Mickey Jin
    @patch1t
    May 17, 2022
    I disclosed 10+ critical SIP-Bypass Vulnerabilities, and Apple had addressed 8 of them as: CVE-2022-22646 CVE-2022-22583 CVE-2022-26688 CVE-2022-22676 CVE-2022-22617 CVE-2022-26690 CVE-2022-26712 CVE-2022-26727 4 CVEs were assigned while not public yet, coming soon.
  • user avatar
    Mickey Jin
    @patch1t
    Sep 15, 2021
    I just found iOS 14.8 not just patched two 0 days. It also patched CVE-2021-1740 again silently. jhftss.github.io/CVE-2021-1740-…
  • user avatar
    Mickey Jin
    @patch1t
    Mar 15, 2022
    [New Blog Post] Simple way to bypass GateKeeper, hidden for years jhftss.github.io/CVE-2022-22616… Demo: youtube.com/watch?v=S5moPn…
  • user avatar
    Mickey Jin
    @patch1t
    May 31, 2023
    Today is my last working day at Trend Micro and I will be working as an independent researcher. 😎
    31K
  • user avatar
    Mickey Jin
    @patch1t
    Sep 3, 2024
    Actually, 15+ new sandbox escape vulnerabilities discovered. All of them are simple logic issues. You may find your own sandbox 0-days by yourself after listening to this talk!🔥🔥🔥
    user avatar
    POC_Crew
    @POC_Crew
    Sep 2, 2024
    [POC2024] SPEAKER UPDATE 1⃣1⃣ 👤 @patch1t - "A New Era of macOS Sandbox Escapes: Diving into an Overlooked Attack Surface and Uncovering 10+ New Vulnerabilities" #POC2024
    105K
  • user avatar
    Mickey Jin
    @patch1t
    Jul 26, 2022
    New Blog Post: jhftss.github.io/CVE-2022-26712… PoC in One Line: sudo /System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/shove -X /tmp/crafted.db /Library/Application\ Support/com.apple.TCC/TCC.db
  • user avatar
    Mickey Jin
    @patch1t
    Nov 10, 2021
    Cheers to my 100 vulnerabilities, submitted to @thezdi
  • user avatar
    Mickey Jin
    @patch1t
    Apr 5, 2022
    [ New Blog Post ] Get a Root Shell on Monterey trendmicro.com/en_us/research… POC: github.com/jhftss/CVE-202… Demo: youtube.com/watch?v=-vbkTL…
    trendmicro.com
    MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639
    We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation.
  • user avatar
    Mickey Jin
    @patch1t
    Sep 15, 2021
    [New Blog Post] My analysis for the #pegasus 0-click vulnerability. All is just based on a screenshot from Citizen Lab, but I got the root cause and other conclusions :
    Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
    From trendmicro.com