Articles
Long-form writing on tech, culture, and the edges of the internet.
The number on the screen is a guess
The Canvas hack scope is not confirmed. A senior operator breakdown of what failed, what is rumour, and what users must now do.
User namespaces are still a root pipe
Dirty Frag is a Linux kernel UAF in IP fragment reassembly reachable via unprivileged user namespaces. CVSS 7.8. Mechanism, telemetry gaps, patch boundary.
Your inbox is now your credential store.
CVE-2026-44843 turns a chat message into credential theft. Operator briefing on what failed, what is not confirmed, and what must now be true.
Your patched kernel is still vulnerable
Dirty Frag - CVE-2026-31337, CVSS 7.8 - is a UAF in the Linux kernel's IPv4 fragment reassembly path. Container-to-host root on every major distro.
Z3R0DAY refuses to model unconfirmed Canvas breach
A breach claim referencing Canvas has been raised. Scope, vector, and data classes are not confirmed. Exposure cannot be quantified from the input.
GTFOBins catalogues privilege misconfiguration
GTFOBins documents a structural property of Unix privilege: grants bind to binaries, not operations, and the gap is the escalation surface.
The kernel commit lands. Your fleet is exposed.
Linux kernel CVEs publish without distro pre-notice. The exposure window opens at upstream commit, not at advisory. Measure the right number.
The router is signing its own logs
Iran's claim about US backdoors in networking equipment describes an exposure pattern already present. The device is an actor, not infrastructure.
RedSun turned Defender into a write primitive
RedSun turned Windows Defender's remediation path into a SYSTEM-level write primitive. The mechanism, the class, and what it exposes.
Paying the ransom buys nothing here.
A ransomware build that destroys files is a wiper. The defensive failure is execution authority over data, not cryptography.
Unknown party drops funnyapp.exe Windows zeroday
A zero-day privilege escalation binary named funnyapp.exe exposes the Windows default trust model. What failed, what it exposes, what must change.
Chrome's fourth 2026 zero-day ships mid-cycle
Google's fourth exploited Chrome zero-day of 2026 patches a V8 type confusion bug. The real risk is the patch-to-deployment window.