Saturday, January 17, 2026

Latest Insights

pwn@research:~$ echo 0 > /proc/sys/kernel/randomize_va_space && gdb -q

Deep dive into exploits, reversing, and digital forensics.

Featured

The s1ngularity npm Attack: A Technical Deep-Dive Into The First AI-Weaponized Supply Chain Massacre

Supply Chain Security

The s1ngularity npm Attack: A Technical Deep-Dive Into The First AI-Weaponized Supply Chain Massacre

How 2,180 Developers Got Hacked By Their Own AI Assistants (And 40% Still Haven't Fixed It).

October 4, 2025

Recent Articles

Zero Trust Supply Chain: Why I Don't Trust Any Dependency Anymore

Supply Chain Security

Zero Trust Supply Chain: Why I Don't Trust Any Dependency Anymore

After analyzing s1ngularity, Shai-Hulud, and Qix attacks, I've adopted a paranoid approach to dependencies. Trust nothing, verify everything, even that innocent-looking npm package.

October 3, 2025

Keeping Your Software Supply Chain Safe from Sneaky Threats

Supply Chain Security

Keeping Your Software Supply Chain Safe from Sneaky Threats

Why traditional vulnerability scanning fails against modern supply chain attacks and how zero trust principles are reshaping open source security.

Stay in the Loop

Get notified when I publish new insights on software development, security research, and technology trends.

Subscribe via Email