Blog
What I learn building agents — short, no fluff.
- 12 min
Post-Exploitation in AI Coding Agents: GitHub Actions Exploitation as the Launchpad for Open-Source Supply-Chain Worms – The Mini Shai-Hulud Campaign (May 2026)
Complete technical deep-dive into the Mini Shai-Hulud supply-chain worm: every layer of the GitHub Actions cache poisoning attack, how the worm achieved persistent post-exploitation inside Claude Code and VS Code, credential stealing, dead-man’s switch, self-propagation, and why AI 'vibe coding' has become a dangerous new attack surface.
- 2 min
Why BinaryClerk
Cloud AI assistants are great until you notice where your data lives and what they can actually touch. Here's what I'm building instead.
- 1 min
What this blog is
A short note on why I'm posting again, what I'll cover, and how to follow along.