identity boundary
28 posts
Article
Your inbox is now your credential store.
CVE-2026-44843 turns a chat message into credential theft. Operator briefing on what failed, what is not confirmed, and what must now be true.
Article
Encrypted files are writing back to disk
Active ransomware event analysis from an operator perspective: what failed, the underlying mechanism, and the conditions that must now hold.
Article
CISA flagged a 17-year-old Excel flaw
A 17 year old Excel flaw is being actively exploited and flagged by US cyber defence. Operator analysis of what failed, why, and what must change.
Article
OAuth ate your secrets
The Vercel OAuth breach shows environment variables are not protected by location, only by the identity assertion placed in front of them.