MITRE ATT&CK
2 posts
Article
CERT-IN's 12-hour patch window is not arbitrary
CERT-IN's 12-hour patch window for internet-facing flaws responds to AI-compressed exploitation timelines: what the threshold means operationally.
Article
axios CVE-2025-3891: What the Advisories Don't Say About Immutable Images
CVE-2025-3891 in axios allows prototype pollution leading to RCE. This post reveals why deployed container images remain at risk even after patching, due to missing artifact provenance and immutable verification.