Articles
Long-form writing on tech, culture, and the edges of the internet.
Six thousand fuel gauges answer every stranger
Six thousand exposed fuel gauges are not a vulnerability. They are a trust model that outlived the wire it was built on.
The agency was the breach.
A US cybersecurity agency published digital keys to a public GitHub repository. The exposure defines the failure class. Recovery requires rotation.
The IIS virtual directory that won't stop bleeding
Technical analysis of the Exchange Server zero-day, the frontend-to-backend trust boundary it abuses, and what fires in EDR and IIS telemetry.
The patch shipped. The install didn't.
Microsoft confirmed Windows 11 security updates are failing to install. Patch state is now a claim, not a measurement. Verify out-of-band.
Torvalds declares Linux security list unmanageable
Linus Torvalds says AI bug hunters have made the Linux security list unmanageable. An operator read on what failed at the intake boundary.
A few bytes spill onto the next heap chunk
Technical writeup of CVE-2026-42945, the NGINX rewrite module heap overflow, plus what it means for LLM deployments sitting behind the proxy.
A handle, a token, a SYSTEM shell
MiniPlasma is not a kernel defect. It is the externally visible behaviour of a trust model that confuses reference with verification.
An NGINX worker just crashed in production
Board-level briefing on NGINX CVE-2026-42945: confirmed in-the-wild exploitation, edge exposure, control failure at runtime, and what must be established.
Audi faces scrutiny over myAudi platform exposure
A board-level view of the myAudi connected vehicle security concern: exposure, control failure, and the conditions directors must now enforce.
?auth=YWRtaW46MTEK and a million open cameras
Technical breakdown of the auth bypass, P2P relay, and default-credential failures that exposed over a million IP cameras and baby monitors.
Better AI isn't what separates winning deployments.
Stanford studied 51 AI deployments and found a 71 vs 40 productivity gap. The difference was pipeline design, not model choice.
Eight months building a Burp Suite replacement
An honest write-up of building Interceptor, an open-source Burp Suite alternative - license choices, attacker math, defender economics, and what got cut.