All Posts

The Legacy That Won’t Die: How Microsoft’s Love Affair with SMBv1 Keeps the Enterprise Vulnerable

Forgotten Moons, Lost Wealth, and the Reassembly of the Internet’s Soul

Think the Salesforce Drift event is just gonna blow over? Look again

ClaudeAI Didn’t Hack You — But He Made It Easier (and cheaper)

How does Claude and the Botnets find targets? They look!

UNC6395 and the Drift OAuth Breach: A Supply Chain Failure with Consumer Consequences

OAuth’s Blind Spot: Lessons from the Salesloft Drift Compromise

Cloud Espionage in the Crosshairs: How Murky Panda Is Weaponizing Entra ID Trust

Build It Like You Mean It

“McDonald's, I came here to chew bubblegum and secure your pipeline… and I’m all outta bubblegum.”

How to Review OAuth in Atlassian Products Without Losing Your Sanity

Why the UNC6395 Breach Is Likely to Cascade—Just Like Snowflake’s Did

Guest Blog Post: “Zero Trust, Zero Soul: Why I Hate Your IAM Stack”

Rebooting the Machine: Modernization in Practice

Guest Blog Post: “The Algorithmic Antichrist: How AI Became the Enemy of Anarchy - by Tyler Durden”

Shrink the Blast Radius, Baby: Salesforce Permissions for Demon-Free Admins

Conan the Barbarian shares real life tips for Salesforce Security!

Counterpoint: Lo Pan’s Manifesto: Let the Botnets Rise

Big Trouble in Little Firmware

🛸 Introducing “Insecurities”: Where Enterprise Security Gets Weird