Articles
Long-form writing on tech, culture, and the edges of the internet.
Your endpoint agent is the intrusion vector.
Two Microsoft Defender vulnerabilities are under active exploitation. One grants full SYSTEM. CISA deadline June 3. What to verify now.
The zero-day wasn't the failure.
Luxembourg's national telecoms network collapsed from one Huawei zero-day. The failure was architectural, not vendor-specific. Concentration was the control gap.
Your BitLocker bypass mitigation fixes nothing yet
Microsoft shipped a mitigation for the CVE-2026-45585 YellowKey BitLocker bypass. What is confirmed, what is not, and what operators must verify.
Your privacy settings are decoration.
Privacy is no longer a default state. A former black hat defines what failed, why it failed, and what operators must now assume.
Bitsight found 6,000 unauthenticated fuel gauges online
6,000 Automatic Tank Gauges are exposed to the internet with no authentication. The protocol, the owners, and why the fix isn't technical.
CISA pushed passwords to a public repo
A top cyberdefense agency published credentials in a public GitHub repository. A control analysis of what failed and what must now be true.
Discord's E2EE doesn't make your calls private
Discord rolled out E2EE on voice and video calls. What the control covers, what it does not, and where attackers will redirect effort.
GitHub breached. Scope unknown.
GitHub disclosed an internal data breach with no mechanism stated. Operator analysis of confirmed facts, structural exposure, and required tenant action.
How GCC 4.3 deleted a NULL check in 2009
How undefined behavior in C lets compilers delete safety checks, why it drives most memory-safety CVEs, and what it means for AI-generated code.
March 2019 changed who reads binaries
Free disassemblers and decompilers changed who can audit binaries. The defender, attacker, and AI safety implications are now playing out in practice.
The 2021 bucket that sat open for nine years
Abandoned files, forgotten buckets, and stale subdomains are the cheapest way attackers get in. Here is how to find yours before they do.
The extension on your dock just shipped malware
A compromised VS Code extension reached GitHub. Breakdown of the trust boundary that failed and what developer endpoints actually expose.