Skip to content

Threat Intel & Field Notes

CVE deep-dives, offensive tradecraft, AI security, and enterprise defense β€” straight from the lab.

// filter feed
#XSS πŸ•“ 19 min
The Samy Worm: Dissecting the Fastest-Spreading XSS Worm in History
A comprehensive case study of the Samy worm β€” the MySpace XSS worm that infected over one million profiles in under 20 hours in 2005, pioneered browser-based self-propagation, and forever changed how we think about web application security.
#AI πŸ•“ 15 min
Claude Fable 5 Is Back: Inside Anthropic's 19-Day Exile and the New Safety Architecture That Ended It
A comprehensive analysis of Anthropic's restoration of Claude Fable 5 access on July 1, 2026 β€” from the Amazon jailbreak discovery and the unprecedented export control ban, to the new safety classifiers, API refusal architecture, Project Glasswing, and what it all means for the future of frontier AI governance.
#Threat Intel πŸ•“ 5 min
FIFA World Cup 2026: The Largest Cyber Attack Surface in Sporting History
A deep dive into the unprecedented cybersecurity risks facing the 2026 FIFA World Cup across North America, from massive ticketing fraud campaigns to critical infrastructure targeting by nation-states.
#Phishing πŸ•“ 6 min
The Phishing Epidemic of 2026: How Generative AI Reshaped Social Engineering
A deep dive into how Generative AI, deepfake voice cloning, and LLMs have weaponized phishing and Business Email Compromise (BEC) in 2026, and how identity-centric defenses are fighting back.
#AI Security πŸ•“ 5 min
GuardFall: Why Modern AI Agents Are Falling for Decades-Old Shell Tricks
A deep dive into the GuardFall vulnerability disclosed by Adversa AI, explaining how attackers use simple shell obfuscation to bypass plain-text security filters in 10 out of 11 popular open-source coding agents.
#Privacy πŸ•“ 9 min
WhatsApp Is Finally Getting Usernames β€” And It's a Bigger Deal Than You Think
A deep dive into WhatsApp's new username feature β€” how it works, how to set it up, why hiding your phone number matters from a cybersecurity perspective, and the privacy gaps that still remain.
#AI Security πŸ•“ 5 min
The Invisible Hook: How Clean GitHub Repos Are Tricking AI Agents into Running Malware
A deep dive into the recent proof-of-concept attack demonstrated by Mozilla’s 0DIN, showing how AI coding agents like Claude Code can be tricked into executing malware from entirely clean GitHub repositories.
#Windows 11 πŸ•“ 16 min
Windows 11 26H2: Everything You Need to Know β€” Features, AI Integration, Security, and the Great Architecture Split
A massively detailed guide to Windows 11 version 26H2 β€” the fall 2026 annual update. Covers the enablement package delivery model, AI-powered features like Copilot Vision and Click to Do, the 26H1 vs 26H2 architecture split, security hardening with hotpatching, Smart App Control, and Pluton, enterprise migration strategies from Windows 10, and what it all means for IT professionals.
[root@purplesec ~]# ls -l /var/log/archive/
drwxr-xr-x 2026 [-]
[Jul 02] 81 Million Login Attempts in 14 Days: Inside the Massive Azure CLI Password Spray Campaign [Jul 01] The Samy Worm: Dissecting the Fastest-Spreading XSS Worm in History [Jul 01] Claude Fable 5 Is Back: Inside Anthropic's 19-Day Exile and the New Safety Architecture That Ended It [Jun 30] FIFA World Cup 2026: The Largest Cyber Attack Surface in Sporting History [Jun 30] The Phishing Epidemic of 2026: How Generative AI Reshaped Social Engineering [Jun 30] GuardFall: Why Modern AI Agents Are Falling for Decades-Old Shell Tricks [Jun 30] WhatsApp Is Finally Getting Usernames β€” And It's a Bigger Deal Than You Think [Jun 30] The Invisible Hook: How Clean GitHub Repos Are Tricking AI Agents into Running Malware [Jun 23] Windows 11 26H2: Everything You Need to Know β€” Features, AI Integration, Security, and the Great Architecture Split [Jun 21] The Anatomy of a Botnet: History, Architecture, and the Botnet Economy [Jun 21] Wi-Fi Snitching: How Microsoft Teams' New Auto-Detect Feature Works (And How to Opt-Out) [Jun 21] RoguePlanet: Deep Dive into the Microsoft Defender TOCTOU Zero-Day (CVE-2026-50656) [Jun 20] An AI Agent Is an Identity β€” and Most Organizations Don't Treat Them That Way [Jun 17] The Great Telegram Lockdown: Exam Leaks, Timestamp Forgery, and the Global War on Moderation [Jun 16] Deep Dive: CVE-2025-57819 - Critical RCE in Sangoma FreePBX [Jun 15] Deep Dive: BadSuccessor (CVE-2025-53779) β€” The Windows Server 2025 dMSA Exploit That Shook Active Directory [Jun 13] The Ban on "Foreign Nationals": US Government's Unprecedented Move Against Anthropic's Fable and Mythos Models [Jun 12] Quantum Computing and PKI: The Looming Cryptographic Apocalypse and How to Survive It [Jun 11] June 2026 Patch Tuesday: A Record-Breaking 206 CVEs, Three Zero-Days & Two BitLocker Bypasses [Jun 11] How GitHub and npm Are Fighting Back Against Supply Chain Attacks β€” And What You Need to Do Before July 2026 [Jun 11] NVIDIA RTX Spark & DGX Spark: The Dawn of Personal AI Supercomputers and What It Means for Local LLM Enthusiasts [Jun 10] To Err is Algorithm: Case Studies Where AI Messed Up Big Time [Jun 10] The Nightmare Eclipse Zero-Day Campaign: A Complete Technical Analysis of the 2026 Microsoft Vendetta [Jun 09] The Golden Skeleton Key: A Deep Dive into CVE-2026-45585 (YellowKey) BitLocker Bypass [Jun 09] The Anatomy of the Meta AI Support Hack: Why AI Should Never Reset Passwords [Jun 09] A Comprehensive Guide to Modern AI: Concepts, Architecture, and Local Deployment
_