Archive
56 pieces of security research, engineering and field notes.
Service accounts, API keys, OAuth tokens and AI agent credentials now vastly outnumber human users in enterprise cloud environments. The security models designed for human identity governance do not apply. The gap is producing a new class of breach.
A pro-Israel hacking group stole more than $90 million from Iran's largest crypto exchange - then destroyed it. The funds were sent to wallets nobody controls.
Coinbase disclosed that criminals bribed overseas support agents to steal customer data for 69,461 users. The ransom demand was $20 million. The estimated cleanup cost is $400 million. The vulnerability was human.
Every LLM interaction is metered in tokens - fragments of words that map directly to GPU cycles and electricity bills. A look at what tokens actually are and why they cost what they do.
A compromised GitHub Action silently rewrote every version tag to point at a single malicious commit - exposing secrets across 23,000 repositories in the process.
DeepSeek matched OpenAI at a fraction of the cost. The security shortcuts it took to get there were just as cheap.
Phobos ransomware dressed itself up as Vx-Underground - ransom notes, file extensions and all. Here's what the impersonation looked like under the hood.
