Blog
Notes from the ops room.
Hosting, infrastructure, development, and SEO — written by the people doing the work.
Bad Epoll (CVE-2026-46242): Any Linux User Can Grab Root
Security
Claude Fable 5 Is Back — After a 19-Day Government Shutdown
Artificial Intelligence
SharePoint RCE CVE-2026-45659: CISA Gives You Until July 4 to Patch
Security
MariaDB 10.6 Reaches End of Life Sunday — Four Days to Upgrade
Web Hosting
34% of Laravel Apps Have Critical Flaws — A 2026 Study of 10,000 Sites Shows Why
Security
CVE-2026-55200: CVSS 9.2 libssh2 Bug Has a PoC — Patch Before Attackers Do
Security
Clean GitHub Repos Are Tricking AI Coding Agents Into Running Malware
Security
GPT-5.6 Launches in Three Tiers — Washington Decides Who Gets In First
Artificial Intelligence
Kirki CVE-2026-8206: Anyone Can Take Admin on Half a Million WordPress Sites
WordPress
Gravity SMTP Flaw Has Handed Attackers 17 Million Shots at Your Email API Keys
WordPress
Cordyceps: The CI/CD Flaw That Could Poison the Code You Trust
Security
Klue OAuth Attack: How One Legacy Credential Breached Ten Companies
Security
ShapedPlugin's Official Update Server Delivered Backdoors for 28 Days
Security
Operation Endgame Cleaned 15,000 WordPress Sites — Yours Could Be Next
Security
FortiBleed: 86,000 Fortinet Firewalls Compromised — Is Your VPN in the Dataset?
Security