Brave CEO Brendan Eich says the company might reconsider putting its privacy browser on the Mac App Store following warnings about security vulnerabilities in macOS web downloads.
The discussion started when security researchers at Mysk posted on X about a macOS Archive Utility bug tracked as CVE-2026-28910.
The vulnerability allowed attackers to bypass Apple’s App Sandbox data containers and transparency protections.
Mysk pointed out that apps downloaded directly from developer websites are susceptible to executable hijacking. The researchers specifically named Brave and Mullvad as vulnerable targets, praising DuckDuckGo for being the only private browser distributed through the Mac App Store.
Eich responded in the thread after someone had tagged him. He argued that Apple needs to fix macOS itself rather than forcing developers into its ecosystem.
He also acknowledged the situation might force a strategy shift, stating that putting Brave in the Mac App Store “has hair on it” but is something the team can look at again.
The reluctance is common among browser developers. One user in the thread pointed out that the main drawback of the App Store is Apple’s strict review process.
If a browser needs an urgent security patch for a zero-day exploit, developers have to wait for Apple to approve the update before users can download it. Direct web downloads bypass this bottleneck.
That said, the specific Archive Utility bug that kick-started the debate is no longer active. Apple patched it in the macOS 26.4 update.
An independent researcher replying to Mysk also noted that the exploit was difficult to execute in the real world. It required a victim to run an attacker’s shell script and manually drag and drop files.
Mysk dismissed that defense. The firm claimed other unpatched local vulnerabilities currently exist in macOS that can hijack executables without requiring any user interaction.
For now, it’s anyone’s guess as to when Brave might appear on the App Store, if at all.



