The gap between what systems claim to do and what they actually do.
Long-form field notes on vulnerability classes, broken trust models, cryptographic assumptions that turned out to be wrong, and the institutional dynamics that keep bad designs alive longer than they should be.
Hash-and-trust business since before most CVE programs existed. ⸻ Kvlr
§I The Registry 015
-
RedSun: How Windows Defender's Remediation Became a SYSTEM File Write
A technical teardown of the RedSun zero-day — the second Defender escalation in two weeks from the same researcher — grounded in the actual source code.
-
The Trust Inversion
Six supply chain attacks. One method. The attack surface isn't your systems anymore — it's the tools and credentials that authorize access to them.
-
SAP NetWeaver CVE-2025-31324: When CVSS 10.0 Means What It Says
An unauthenticated file upload to webroot in one of the world's most critical business platforms. The attack is simple. The exposure is not.
-
Axios, Sapphire Sleet, and 70 Million Weekly Installs
North Korea compromised the most-used HTTP client in the JavaScript ecosystem. The mechanism was a single compromised npm account.
-
TeamPCP Came for the Scanners
The March 2026 supply chain campaign didn't just compromise popular packages. It compromised Trivy and Checkmarx — the tools you use to detect supply chain compromises.
-
Oracle Cloud: The Breach They Technically Didn't Deny
Six million records, three weeks of denial, and a lesson in how large vendors parse their own security commitments.
-
Prompt Injection Is a Supply Chain Attack
AI agents execute tool calls based on content from external sources. That content is attacker-controlled. The security industry hasn't caught up.
-
MCP Servers: The New npm Left-Pad
AI agents install MCP servers to gain tools. The MCP server ecosystem has no code signing, no security audit, and no mechanism to verify a server does what it claims. We've been here before.
-
Shai-Hulud: The First npm Worm
A self-replicating worm tore through the npm ecosystem in September 2025. The mechanism was almost embarrassingly simple.
-
xrpl.js: The Official Package Was the Threat
Versions 4.2.1 through 4.2.4 of the official XRP Ledger JavaScript library exfiltrated wallet seed phrases. 4.2M weekly downloads. Discovered by accident.
-
CLFS: Ransomware's Favorite Kernel Driver
CVE-2025-29824 is the fifth exploited-in-wild LPE from the Windows Common Log File System driver. The driver has a design problem. The patch cycle hasn't addressed it.
-
CrushFTP CVE-2025-31161: MFT Is the Target Now
A pre-auth authentication bypass in CrushFTP. The vulnerability is interesting. Why MFT products keep showing up as primary targets is more interesting.
-
tj-actions: Mutable Tags Were Always a Lie
The GitHub Actions supply chain attack that exposed CI secrets for 23,000 repositories wasn't sophisticated. It was inevitable.
-
Bybit: $1.5B via a JavaScript Injection Nobody Was Looking For
Lazarus poisoned the Safe{Wallet} front end. Hardware wallets signed exactly what they were told. The security model worked perfectly. The trust model had a hole.
-
Ivanti: The Vulnerability Subscription
CVE-2025-0282 was exploited for at least 12 days before Ivanti disclosed it. Chinese APT had access to targeted networks while the patch was still being written. This is the third time in 12 months.