breach analysis
3 posts
Article
Reputation is not a control
Harvard.edu and 140 other domains reported compromised. Why reputation-based controls fail when trusted origins are turned against their consumers.
Article
Z3R0DAY refuses to model unconfirmed Canvas breach
A breach claim referencing Canvas has been raised. Scope, vector, and data classes are not confirmed. Exposure cannot be quantified from the input.
Article
OAuth ate your secrets
The Vercel OAuth breach shows environment variables are not protected by location, only by the identity assertion placed in front of them.