Articles
Long-form writing on tech, culture, and the edges of the internet.
Binding 65535 ports is the easy part
Architecture and evasion realities of an LLM honeypot binding all 65535 ports - TPROXY, latency tiers, fingerprint defence, and detection traps.
CISA flagged a 17-year-old Excel flaw
A 17 year old Excel flaw is being actively exploited and flagged by US cyber defence. Operator analysis of what failed, why, and what must change.
Engineering teams keep granting agents production database writes
AI agent vulnerabilities are systems engineering failures, not security failures. The fix is architectural containment, not better prompts or guardrails.
Lagos published guidelines, not controls
Lagos cybersecurity guidelines describe intent, not enforcement. An operator analysis of why policy without system-level controls does not stop attackers.
Pick offense or defense
Two paths into infosec - offense and defense - broken down at the mechanism level. Foundation, tooling, telemetry, and the divergence point.
The helpdesk chat window is the breach
Microsoft Teams helpdesk impersonation succeeds because identity verification is placed at the channel boundary, not at the credential action.
The power adapter was the attack
A WiFi camera concealed in a hotel power adapter transmitted to a foreign server. The boundary failed at the physical layer.
Your security scanner is the breach.
Cisco source code stolen, AWS keys breached, 300 repositories cloned. The exfiltration channel was Trivy operating inside Cisco's CI pipeline.
1,300 SharePoint servers speaking for someone else
Over 1,300 SharePoint servers expose a spoofing primitive where authentication and identity validation collapse into a single unenforced control.
135 Million Records Behind One Perimeter
McGraw Hill's 135 million account exposure proves edtech identity was classified low-risk while attackers priced it as inventory.
Claude Desktop installs silent macOS persistence
macOS grants signed apps install-time trust, then stops validating. Persistence lives in that gap. The trust model is the exposure.
Forage simulation maps your broken controls
The Mastercard Forage cybersecurity simulation surfaces the same enforcement drift red teamers exploit in mature security programs. Operator breakdown.