macOS Apprentice [SUBSCRIBER]

macOS Apprentice is a series of multi-chapter tutorials where you’ll learn about developing native
macOS apps in Swift, using both SwiftUI — Apple’s newest user interface technology — and AppKit — the
venerable UI framework. Along the way, you’ll learn several ways to execute Swift code and you’ll build
two fully featured apps from scratch.
If you’re new to macOS and Swift, or to programming in general, learning how to write an app can seem
incredibly overwhelming.
That’s why you need a guide that:
<ul>
<li>Shows you how to write an app step-by-step.</li>
<li>Uses tons of illustrations and screenshots to make everything clear.</li>
<li>Guides you in a fun and easy-going manner.</li>
</ul>
You’ll start at the very beginning. The first section assumes you have little to no knowledge of programming in Swift.
It walks you through installing Xcode and then teaches you the basics of the Swift programming language. Along the way,
you’ll explore several different ways to run Swift code, taking advantage of the fact that you’re developing natively
on macOS.
macOS Apprentice doesn’t cover every single feature of macOS; it focuses on the absolutely essential ones.
Instead of just covering a list of features, macOS Apprentice does something much more important: It explains how all the
building blocks fit together and what is involved in building real apps. You’re not going to create quick example programs that
demonstrate how to accomplish a single feature. Instead, you’ll develop complete, fully-formed apps, while exploring many of
the complexities and joys of programming macOS.
<h3>How is this book different than macOS by Tutorials?</h3>
Our other book on building apps for macOS, <a href="https://troz.net/books/macos_tutorials/">macOS by Tutorials</a>, is designed
for developers who have a solid background in iOS development and are looking to make the leap to developing native macOS apps.
This book, macOS Apprentice, is designed to teach new developers how to build macOS apps while assuming they have little to
no experience with Swift or any other part of the Apple development ecosystem.

Source: Read More

CVE-2025-38165 – Linux BPF Sockmap Panic Vulnerability

July 3, 2025

CVE ID : CVE-2025-38165

Published : July 3, 2025, 9:15 a.m. | 2 hours, 14 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

bpf, sockmap: Fix panic when calling skb_linearize

The panic can be reproduced by executing the command:
./bench sockmap -c 2 -p 1 -a –rx-verdict-ingress –rx-strp 100000

Then a kernel panic was captured:
”’
[ 657.460555] kernel BUG at net/core/skbuff.c:2178!
[ 657.462680] Tainted: [W]=WARN
[ 657.463287] Workqueue: events sk_psock_backlog
…
[ 657.469610]
[ 657.469738] ? die+0x36/0x90
[ 657.469916] ? do_trap+0x1d0/0x270
[ 657.470118] ? pskb_expand_head+0x612/0xf40
[ 657.470376] ? pskb_expand_head+0x612/0xf40
[ 657.470620] ? do_error_trap+0xa3/0x170
[ 657.470846] ? pskb_expand_head+0x612/0xf40
[ 657.471092] ? handle_invalid_op+0x2c/0x40
[ 657.471335] ? pskb_expand_head+0x612/0xf40
[ 657.471579] ? exc_invalid_op+0x2d/0x40
[ 657.471805] ? asm_exc_invalid_op+0x1a/0x20
[ 657.472052] ? pskb_expand_head+0xd1/0xf40
[ 657.472292] ? pskb_expand_head+0x612/0xf40
[ 657.472540] ? lock_acquire+0x18f/0x4e0
[ 657.472766] ? find_held_lock+0x2d/0x110
[ 657.472999] ? __pfx_pskb_expand_head+0x10/0x10
[ 657.473263] ? __kmalloc_cache_noprof+0x5b/0x470
[ 657.473537] ? __pfx___lock_release.isra.0+0x10/0x10
[ 657.473826] __pskb_pull_tail+0xfd/0x1d20
[ 657.474062] ? __kasan_slab_alloc+0x4e/0x90
[ 657.474707] sk_psock_skb_ingress_enqueue+0x3bf/0x510
[ 657.475392] ? __kasan_kmalloc+0xaa/0xb0
[ 657.476010] sk_psock_backlog+0x5cf/0xd70
[ 657.476637] process_one_work+0x858/0x1a20
”’

The panic originates from the assertion BUG_ON(skb_shared(skb)) in
skb_linearize(). A previous commit(see Fixes tag) introduced skb_get()
to avoid race conditions between skb operations in the backlog and skb
release in the recvmsg path. However, this caused the panic to always
occur when skb_linearize is executed.

The “–rx-strp 100000″ parameter forces the RX path to use the strparser
module which aggregates data until it reaches 100KB before calling sockmap
logic. The 100KB payload exceeds MAX_MSG_FRAGS, triggering skb_linearize.

To fix this issue, just move skb_get into sk_psock_skb_ingress_enqueue.

”’
sk_psock_backlog:
sk_psock_handle_skb
skb_get(skb)
Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

Laravel in the First Half of 2025

Laravel in the First Half of 2025

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

GOnnect – easy to use VoIP client

GOnnect – easy to use VoIP client

Gnuinos – spin of Devuan Linux

5 Best Free and Open Source Backend Electronic Circuit Simulators

macOS Apprentice [SUBSCRIBER]

What I learned from Inspired

Talk to more users sooner

CVE-2025-32983 – NETSCOUT nGeniusONE Information Disclosure Vulnerability

Microsoft Edge Joins Chrome in Matching Scrollbars to Your Theme

Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

CVE-2025-38165 – Linux BPF Sockmap Panic Vulnerability

CVE-2025-52725 – CouponXxL PEBAS Object Injection Vulnerability

CVE-2025-45474 – Maccms SSRF Vulnerability

No-code data preparation for time series forecasting using Amazon SageMaker Canvas

macOS Apprentice [SUBSCRIBER]

Related Posts