Investigations
Mullvad's Exit IPs Are Fingerprinting Its Users
Your WireGuard public key can tie your sessions together across Mullvad servers. That's exactly the sort of subtle linkage that privacy-conscious users assume does not exist.
Investigations
Original, independent investigations into privacy failures, supply-chain attacks, zero-days, fingerprinting vectors, backdoors and the real mechanics of surveillance infrastructure. No press releases. No affiliate spin.
zero-day
The Patch Wave: Eleven Breaches, One Week, and the Myth of the AI Collapse
A single week saw Linux, Windows, macOS, Next.js, and the global software supply chain battered by critical exploits and mass advisories. Is this the long-feared AI-driven collapse of digital infrastructure, or just the new normal? A technical, evidence-driven investigation.
Investigations
JDownloader's Linux Installer Delivered a Root Backdoor
ℹ️This is a developing situation I have relied on JDownloader for years. It is the sort of unglamorous tool you install once and forget about until you need to pull a 40 GB archive at 3 a.m. So when the official site went dark on 7 May and
Investigations
Copy Fail: 732 bytes to root on almost every Linux server since 2017
A subtle 2017 optimisation in the Linux kernel's crypto layer has just been turned into a reliable, 732-byte path from any user account to root. Here's what it means for your servers and what to do right now.
Investigations
Vercel’s supply-chain breach: one Roblox script away from your secrets
A stolen Roblox auto-farm script led to Context.ai credentials, then Vercel Google Workspace takeover via OAuth token abuse in March 2026.
audits
What DuckDuckGo's VPN audit can and cannot tell you
Securitum signed off on DuckDuckGo's no-logs policy last month. The audit is better than most and thinner than some, and understanding why is the difference between useful privacy scepticism and reading marketing copy.