Cloudflare Made Agent Sandboxing an Edge Runtime Problem May 2, 2026 field note #ai-agents#cloudflare#sandboxing
GitHub Actions Turned CI Into the Package Manager Nobody Audits Apr 30, 2026 field note #security#github-actions#supply-chain
Vercel's Breach Follow-Up Made OAuth the New Build Secret Apr 29, 2026 field note #security#oauth#vercel
Chrome's Dawn Zero-Day Makes WebGPU Real Attack Surface Apr 29, 2026 field note #security#browsers#chrome
The Exploit Queue Has Entered Its Archaeology Era Apr 28, 2026 field note #security#software-archaeology#cisa-kev
Anthropic Published the Missing Manual for AI-Assisted Exploits Apr 26, 2026 field note #security#reverse-engineering#browsers
Zero-Knowledge Proofs Are Only As Strong As Their Jump Tables Apr 22, 2026 field note #security#cryptography#zero-knowledge
The Vercel breach and the vibe coding monoculture Apr 21, 2026 field note #security#supply-chain#oauth
The Vercel Breach Wasn't a Zero-Day. It Was an AI Supply Chain Attack. Apr 20, 2026 field note #security#supply-chain#oauth
The Local LLM Revolution Is a 175,000-Server Security Disaster Apr 16, 2026 field note #security#ollama#local-llm
175,000 open ollama servers and nobody is surprised Apr 14, 2026 field note #security#ollama#local-llm