RC RANDOM CHAOS

Articles

Long-form writing on tech, culture, and the edges of the internet.

shai-hulud, teampcp

Shai-Hulud goes public

Shai-Hulud worm published to GitHub by teampcp. What is confirmed, what is not, and the publication interval that matters.

5 min read
cybersecurity, operational resilience

A junior operator, an API key, a hundred payloads

Google warns AI-powered hacking has reached industrial scale. Practical operational resilience steps for defenders facing faster, cheaper, adaptive attacks.

21 min read
linux-kernel, privilege-escalation

Dirty Frag races the refcount

Dirty Frag (CVE-2026-XXXX) is a Linux kernel page migration race yielding root LPE on all major distros. Mechanism, telemetry, and patch boundary.

6 min read
zero-day, windows-11

Four Windows 11 zero-days on one desk

One researcher controls the release cadence on four Windows 11 zero-days, including BitLocker bypass yellowkey and LPE greenplasma.

6 min read
cybersecurity internships, burp suite

Internship orders interns to install cracked Burp

A cybersecurity internship told interns to install cracked Burp Suite Pro. Here is what that directive actually means and why the operator must refuse it.

6 min read
cve-2026-44843, credential-theft

One chat message empties the credential vault

CVE-2026-44843 produces credential theft on chat message receipt. No user action required. Operator analysis of the failure mode and exposure pattern.

5 min read
windows 11, zero day

Patch status is not your risk variable

Operator brief on yellowkey and greenplasma, two public Windows 11 zero-days from the bluehammer and redsun researcher. What failed. What must now be true.

7 min read
polymarket, data breach

Polymarket breach claim, act now

Threat actor xorcat publicly claims a 300,000-user Polymarket data leak. Operator brief on contested boundary state, user exposure, and required posture.

7 min read
canvas-breach, lms-security

Reporting the Canvas breach details is malpractice

Canvas LMS breach analysis where vector, scope, and data classes remain unconfirmed, and what structural identity exposure that creates.

7 min read
canvas breach, data exposure

The breach scope you're quoting is fiction

Canvas breach scope is not confirmed. Operator brief on what failed, what must be assumed, and what users and institutions must do now.

8 min read
access governance, healthcare breach

The record count is not the breach

A board-level brief on the healthcare data breach: access governance did not hold at runtime, and assurance must now be proven, not assumed.

8 min read
board governance, nation-state risk

US extradites alleged Chinese state hacker

An extradition in an alleged state-aligned cyber matter shifts the standard of care boards will be measured against in disclosure and litigation.

7 min read