cybersecurity
30 posts
Your privacy settings are decoration.
Privacy is no longer a default state. A former black hat defines what failed, why it failed, and what operators must now assume.
March 2019 changed who reads binaries
Free disassemblers and decompilers changed who can audit binaries. The defender, attacker, and AI safety implications are now playing out in practice.
The 2021 bucket that sat open for nine years
Abandoned files, forgotten buckets, and stale subdomains are the cheapest way attackers get in. Here is how to find yours before they do.
What a $5 VPS honeypot taught me
An open-source honeypot probe database queryable via curl, HTTP, and MCP - what it catches, why it helps small defenders, and where the risks actually sit.
Microsoft's patch cadence is not the problem
The Exchange zero-day is the fifth in the same pattern since 2021. Why patching faster is not the fix, and what actually reduces blast radius.
Stealth Playwright breaks your bot detection
A circulating stealth Playwright Firefox build is reported to pass anti-bot and CAPTCHA checks, exposing the limits of any control that delegates verification to the client.
A junior operator, an API key, a hundred payloads
Google warns AI-powered hacking has reached industrial scale. Practical operational resilience steps for defenders facing faster, cheaper, adaptive attacks.
The router is signing its own logs
Iran's claim about US backdoors in networking equipment describes an exposure pattern already present. The device is an actor, not infrastructure.
CVE-2026-3854 puts GitHub inside your trust boundary
CVE-2026-3854 enables RCE on GitHub.com and Enterprise Server. Why platform compromise becomes customer compromise across identity, secrets, and artefacts.
Lagos published guidelines, not controls
Lagos cybersecurity guidelines describe intent, not enforcement. An operator analysis of why policy without system-level controls does not stop attackers.
Pick offense or defense
Two paths into infosec - offense and defense - broken down at the mechanism level. Foundation, tooling, telemetry, and the divergence point.
1,300 SharePoint servers speaking for someone else
Over 1,300 SharePoint servers expose a spoofing primitive where authentication and identity validation collapse into a single unenforced control.