HackRead

macOS Flaw Allowed Standard Users to Disable CrowdStrike and Kandji Security Tools


Cybersecurity defence firm XM Cyber has found a security flaw in Apple's macOS operating system. The issue lies in the inter-process communication architecture that leading enterprise endpoint protection products rely on: a structural gap lets an ordinary, unprivileged user account bypass the security boundary that is meant to protect those products.

Chaining NIB Injections and XPC Services

Many Mac applications use a background communication system called XPC to let the different parts of the software talk to each other. For example, a visible app window might need to send commands to a hidden background service that runs with root privileges.

According to XM Cyber researchers, these background services usually trust any message that looks like it comes from their own app by checking a code signature known as a CDHash.

However, XM Cyber discovered that attackers can defeat this setup by combining a method called CDHash cache exploitation with NIB payload injection, which allows an unprivileged threat actor to hijack a trusted app. The attacker launches the genuine security application so that the system records it as trusted, then tampers with the application bundle structure to inject a malicious interface file.

Once inside, the code uses a tool called JavaScript for Automation (JXA) to bypass standard scripting limits and control low-level system memory. This lets the fake program masquerade as a highly trusted component.

The background service accepts the fake instructions without further checks, allowing the attacker to call built-in functions such as runProcessWithCommand and terminateAppsAndAgents. As a result, the targeted security products disable, unload, or remove themselves.
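As an added example (not code from the article, from XM Cyber, or from any vendor named here), the Swift sketch below shows the kind of peer validation a privileged XPC helper can apply instead of matching a bare CDHash: it evaluates a designated requirement (Apple-issued chain, team identifier, bundle identifier) against the connecting process, re-validates the peer's on-disk bundle with resources included, and on macOS 13 or later asks the XPC runtime to re-check the requirement on every message. The team identifier, bundle identifiers, Mach service name, HelperProtocol and HelperService are placeholders. The article does not establish whether such a check would have interrupted the specific chain XM Cyber describes; what the example shows is a trust decision that is explicit, inspectable, and can be tightened.

```swift
import Foundation
import Security

// Added example (not from the article, XM Cyber, or any affected vendor).
// Assumptions: the team identifier "TEAMID0000", the bundle identifier
// "com.example.agent-ui" and the Mach service name "com.example.agent-helper"
// are placeholders; HelperProtocol and HelperService are hypothetical.

/// Designated requirement every connecting process must satisfy. Tying trust to
/// "Apple-issued chain + our team ID + our bundle ID" rather than to a single
/// cached CDHash value makes the decision explicit and re-evaluable.
let peerRequirement = """
anchor apple generic and identifier "com.example.agent-ui" \
and certificate leaf[subject.OU] = "TEAMID0000"
"""

@objc protocol HelperProtocol {
    func version(reply: @escaping (String) -> Void)
}

final class HelperService: NSObject, HelperProtocol {
    func version(reply: @escaping (String) -> Void) { reply("1.0") }
}

final class HelperListenerDelegate: NSObject, NSXPCListenerDelegate {
    func listener(_ listener: NSXPCListener,
                  shouldAcceptNewConnection newConnection: NSXPCConnection) -> Bool {
        guard peerSatisfiesRequirement(newConnection) else {
            NSLog("xpc: rejected connection from pid %d", newConnection.processIdentifier)
            return false
        }
        if #available(macOS 13.0, *) {
            // Have the XPC runtime re-check the requirement on every message,
            // not only once at connect time.
            newConnection.setCodeSigningRequirement(peerRequirement)
        }
        newConnection.exportedInterface = NSXPCInterface(with: HelperProtocol.self)
        newConnection.exportedObject = HelperService()
        newConnection.resume()
        return true
    }

    /// Evaluates the requirement against the peer's running code and against its
    /// on-disk bundle (resources included), so a modified file inside the bundle
    /// fails the resource seal check.
    func peerSatisfiesRequirement(_ connection: NSXPCConnection) -> Bool {
        var requirement: SecRequirement?
        guard SecRequirementCreateWithString(peerRequirement as CFString, [], &requirement) == errSecSuccess,
              let req = requirement else { return false }

        // The PID is the only public handle on older systems and can be reused
        // after the process exits; setCodeSigningRequirement above is stronger.
        let attrs = [kSecGuestAttributePid: connection.processIdentifier] as CFDictionary
        var dynamicCode: SecCode?
        guard SecCodeCopyGuestWithAttributes(nil, attrs, [], &dynamicCode) == errSecSuccess,
              let peer = dynamicCode,
              SecCodeCheckValidity(peer, [], req) == errSecSuccess else { return false }

        var staticCode: SecStaticCode?
        guard SecCodeCopyStaticCode(peer, [], &staticCode) == errSecSuccess,
              let onDisk = staticCode else { return false }
        // Strict validation covers nested code and sealed resources, not just
        // the main executable.
        let strict = SecCSFlags(rawValue: UInt32(kSecCSStrictValidate | kSecCSCheckNestedCode))
        return SecStaticCodeCheckValidity(onDisk, strict, req) == errSecSuccess
    }
}

// Helper entry point: keep the listener alive and serve requests.
let listener = NSXPCListener(machServiceName: "com.example.agent-helper")  // placeholder name
let delegate = HelperListenerDelegate()
listener.delegate = delegate
listener.resume()
RunLoop.main.run()
```

Rejections are logged with the peer's PID, which gives an incident responder something to look for; the article notes that the abuse of legitimate OS behaviour otherwise leaves little trace, so a helper that records every refused connection adds a signal that the default trust model does not produce.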

Leading Security Tools Affected

XM Cyber successfully used this technique against prominent endpoint tools on the macOS platform. On the CrowdStrike Falcon Sensor, a standard user account (UID 502) achieved full sensor unloading via an unprotected XPC interface, terminating detection, process monitoring, and network visibility.

Researchers also targeted the Kandji MDM Agent. An unprivileged user could achieve permanent agent deactivation via a two-phase XPC chain on io.kandji.kandji-daemon by impersonating the Kandji Menu app. This clears the EDR guard pointer and permanently terminates the Endpoint Security Framework (ESF) extension, removing all telemetry. A third, unnamed enterprise EDR vendor was also successfully targeted.

Because the technique abuses legitimate OS behaviour, it doesn’t trigger standard security alerts and leaves almost no forensic trace.

“Organisations must treat this as a major gap in modern endpoint security models, particularly concerning insider threat vectors and post-compromise scenarios,” XM Cyber researchers noted in the report shared with Hackread.com.

Patches and Tools Released

The issue was quickly addressed after the companies were notified. CrowdStrike patched it immediately, paid a bug bounty, and added detection and prevention across all supported macOS sensor versions. Kandji also patched its software and officially logged the flaw as CVE-2026-39118. The unnamed third company is currently working on a patch.

To help organisations find this class of issue across their Mac fleets, XM Cyber has built an open-source automated framework called XPC Hunter that scans for and identifies vulnerable XPC services, and will release the tool at the Black Hat US security conference in August 2026.
