Posts in Category: Security (5)
Defending systems and networks. Articles covering cybersecurity, cryptography, threat modeling, and secure coding practices.
Google Cloud TLS Certificate Changes in Q2 2026: Important Update for GCP users
If you manage client applications that interact with Google Cloud services, please take note of an upcoming infrastructure change. In Q2 2026, Google is updating the Transport Layer Security (TLS)...
Security Alert: Vercel Supply Chain Attack (April 2026) in 4 minutes
Vercel has disclosed a security incident involving unauthorized access to certain internal systems, which has led to the exposure of some customer environment variables. If you use Vercel, here is...
CRITICAL: Active Supply Chain Attack on Axios NPM Package Update (Resolved?)
TLDR: A popular npm package has been attacked and it’s used by many web developers. If you are a JavaScript or Node.js developer, stop what you are doing and audit...
The Google vs. FFmpeg Debate: AI Finds a Bug, But Who Has to Fix It?
In the vast world of software, a recent conflict has flared up between Google’s elite security team and the volunteer maintainers of FFmpeg, a project that powers countless apps you...
What is HackerOne and Their Bug Bounty Program?
What on earth is a Bug Bounty? No it’s not about hunting insects. If you are in the information security field the term might be familiar to you but if...