supply chain
39 posts
There is no Linear kernel CVE
Linear's speed comes from a local-first sync engine, not a kernel-memory exploit. The fabricated CVE framing is wrong. The real exposure is elsewhere.
A binary that hands kernel hooks to anyone
Zeroserve packages kernel-adjacent execution surface under userspace pipelines. The artifact crosses a privilege boundary the pipeline was not scoped to see.
Cooldown does not fix the resolver
Bundler 2.6 cooldown defers new gem versions to interrupt published-and-pulled supply chain attacks. The resolver's trust model is the systemic exposure.
Korea's KCSC mandates server-side image parsers
Korea's mandatory AI image scanning forces every forum into a multi-layer parser and ML pipeline. The CVE surface and exploitation paths that result.
memcpy walks off the end of the receiver
rsync shipped six CVEs in January 2025. LLMs did not write new bugs - they compressed variant discovery, harness generation, and vulnerable deployment.
Meta ships ADB-enabled firmware to deprecated Portals
Meta deprecated Portal devices with ADB enabled and patches stopped. Unpatched Android cameras and microphones now sit as permanent network exposure.
Netherlands restricts DigiD to European operator
Dutch government restricts DigiD operation to a European vendor. Jurisdiction changes. The single-vendor identity concentration risk does not.
340 million records, unverified seller
Technical analysis of plausible attack vectors behind the claimed OnlyFans 340M record leak, with detection signatures for each path.
Malicious VSCode extension shipped through official Marketplace
Technical analysis of a compromised VSCode extension reaching GitHub credentials: extension host privileges, MITRE ATT&CK mapping, telemetry gaps.
Megalodon hijacked 55,000 GitHub repos via token replay
Megalodon compromised 55,000+ GitHub repositories through PAT harvesting, pull_request_target abuse, and OAuth scope inheritance. Technical breakdown.
Your valid credentials are the breach.
Technical analysis of a coordinated GitHub Actions workflow compromise across 5,561 repositories, with detection guidance for audit log and EDR telemetry.
Malicious commits breached 5,561 repositories
5,561 GitHub repos received malicious CI/CD commits disguised as bot maintenance. The failure was identity enforcement, not exploit complexity.