/posts

Write-ups

Pentest methodology, vulnerability research, and web security — field notes over polished decks.

GitHub Issue to Supply Chain Compromise: How Prompt Injection Turned AI Agents into the New CI/CD Kill Chain

When a single GitHub issue can poison an AI agent, steal pipeline credentials, and publish malicious packages to production registries — all without a single binary payload.

Jun 13, 2026 10 min read

prompt-injectionsupply-chainci-cdai-agents +3

Web Security

Weaponizing Secure Email Gateways: When the Sandbox Clicks for the Attacker

When the SEG's sandbox click triggers real actions, the defender becomes the attacker's proxy.

Jun 11, 2026 5 min read

business-logicemail-securitysegssrf-adjacent +2

Vulnerability Research

From Zero to Root: Automating the Logsign Pre-Auth RCE Chain in Metasploit

Chaining CVE-2024-5716 and CVE-2024-5717 into a Metasploit module for root RCE on Logsign.

Jun 10, 2026 6 min read

metasploitrceexploit-devcve-2024-5716 +3

Threat Intelligence

The Convergence: How Supply Chain Attacks Became Ransomware's Favorite Delivery Vehicle

How modern ransomware weaponizes supply chain trust, and where to break the kill chain.

Jun 9, 2026 6 min read

supply-chainransomwareci-cdlateral-movement +2

Threat Intelligence

Inside the Machine: A Technical Anatomy of the 2025 Ransomware Ecosystem

Affiliate infrastructure, negotiation backends, and the TTPs that define modern RaaS operations.

Jun 8, 2026 9 min read

ransomwareraasthreat-intellateral-movement +2

Threat Intelligence

Mapping the Adversary: A Technical Profile of the 2025 APT Landscape

Operational TTPs, infrastructure patterns, and detection strategies for the APT groups shaping 2025.

Jun 7, 2026 9 min read

aptthreat-intelnation-statelateral-movement +2

Threat Intelligence

The Evolution of Modern Ransomware: How They Became This Powerful

From script-kiddie lockers to billion-dollar enterprises — the technical leaps that made ransomware unstoppable.

Jun 6, 2026 10 min read

ransomwareedr-evasionencryptionlateral-movement +1

Web Security

The Treasure of Finding Vulnerabilities: A Researcher's Guide to Secure Code Review

A risk-based methodology for finding the vulnerabilities that scanners and pentests miss.

Aug 4, 2025 5 min read

code-reviewsastsdlcmethodology +2

Vulnerability Research

Anatomy of a Supply Chain Kill Chain: The xz Utils Backdoor (CVE-2024-3094)

How build-system manipulation and IFUNC hijacking turned a compression library into an SSH implant.

Sep 9, 2024 7 min read

supply-chainbackdoorcve-2024-3094linux +2

Threat Intelligence

The Human Firewall: Why Decision Hygiene Is Your Best Security ROI

Why security awareness must evolve from compliance theater to decision hygiene.

Jun 22, 2024 5 min read

security-awarenessphishingoauthsocial-engineering +1

Pentest

Mapping the Digital Metropolis: A Practitioner's Guide to Attack Surface Management

Mapping the digital, human, supply chain, and physical attack surfaces with risk-based prioritization.

Jun 21, 2024 5 min read

attack-surfaceasset-discoveryshadow-itrecon +2