Articles
Long-form writing on tech, culture, and the edges of the internet.
GTFOBins catalogues privilege misconfiguration
GTFOBins documents a structural property of Unix privilege: grants bind to binaries, not operations, and the gap is the escalation surface.
The kernel commit lands. Your fleet is exposed.
Linux kernel CVEs publish without distro pre-notice. The exposure window opens at upstream commit, not at advisory. Measure the right number.
The router is signing its own logs
Iran's claim about US backdoors in networking equipment describes an exposure pattern already present. The device is an actor, not infrastructure.
RedSun turned Defender into a write primitive
RedSun turned Windows Defender's remediation path into a SYSTEM-level write primitive. The mechanism, the class, and what it exposes.
Paying the ransom buys nothing here.
A ransomware build that destroys files is a wiper. The defensive failure is execution authority over data, not cryptography.
Unknown party drops funnyapp.exe Windows zeroday
A zeroday privilege escalation binary named funnyapp.exe exposes the Windows default trust model. What failed, what it exposes, what must change.
Chrome's fourth 2026 zero-day ships mid-cycle
Google's fourth exploited Chrome zero-day of 2026 patches a V8 type confusion bug. The real risk is the patch-to-deployment window.
The login page was never the boundary
Cisco's CVSS 9.8 IMC authentication bypass shows why perimeter-based identity fails: when reachability equals admin, the network is the credential.
Google's 1,302 case studies prove almost nothing
Meta cut 8,000 jobs to fund GPUs
Ransomware ships a wiper
A ransomware strain destroys files above 128KB, breaking its own decryption model. What the failure exposes about reversibility assumptions.
Your hosting panel is your attack surface
Active cPanel exploitation is a control plane compromise. The boundary failed before the login form. Operator briefing on what that means.