Articles

Long-form writing on tech, culture, and the edges of the internet.

Cognizant's bench is shrinking by design

Cognizant's automation push isn't a productivity story - it's the collapse of the services pyramid. What's actually changing, and why most firms will get the transition wrong.

May 1, 2026 9 min read

linux-kernelprivilege-escalation

Copy.fail has been root since 2017

Copy.fail turns an unprivileged Linux user into root via a copy_file_range credential cache flaw. Reachable since 2017. Telemetry gaps explained.

May 1, 2026 6 min read

ransomwareincident response

Encrypted files are writing back to disk

Active ransomware event analysis from an operator perspective: what failed, the underlying mechanism, and the conditions that must now hold.

May 1, 2026 7 min read

openaivendor risk

OpenAI's security plan protects nothing yet

M. Hale on the OpenAI cybersecurity action plan: provider-stated intent is not a control, and the consumer still owns the boundary.

May 1, 2026 8 min read

cybersecurityRCE

CVE-2026-3854 puts GitHub inside your trust boundary

CVE-2026-3854 enables RCE on GitHub.com and Enterprise Server. Why platform compromise becomes customer compromise across identity, secrets, and artefacts.

April 29, 2026 7 min read

claude managed agentsai pricing

Managed Agents pricing is an architecture decision

Claude Managed Agents pricing isn't a cost center - it's an orchestration lever. Here's how to evaluate it against real total cost of ownership.

April 29, 2026 8 min read

supply-chaincisco-breach

ShinyHunters exfiltrated Cisco source through Trivy

ShinyHunters exfiltrated Cisco source code through Trivy. The scanner inherited the runtime's identity. The runtime held everything.

April 29, 2026 6 min read

2fasession hijacking

Your second factor is a phone call

SMS 2FA on PayPal is a routing decision, not a credential. The session cookie is the boundary, and attackers have already routed around the factor.

April 28, 2026 7 min read

physical securityiot threats

A postcard breached a warship

A 5 dollar Bluetooth tracker hidden in a postcard broadcast a 585 million dollar warship's position for 24 hours. The control that failed was classification.

April 27, 2026 5 min read

honeypotdeception

Binding 65535 ports is the easy part

Architecture and evasion realities of an LLM honeypot binding all 65535 ports - TPROXY, latency tiers, fingerprint defence, and detection traps.

April 27, 2026 15 min read

excel vulnerabilitycisa advisory

CISA flagged a 17-year-old Excel flaw

A 17 year old Excel flaw is being actively exploited and flagged by US cyber defence. Operator analysis of what failed, why, and what must change.

April 27, 2026 7 min read

AI agentsLLM security

Engineering teams keep granting agents production database writes

AI agent vulnerabilities are systems engineering failures, not security failures. The fix is architectural containment, not better prompts or guardrails.

April 27, 2026 9 min read