//nefariousplan

field log · research archive

The gap between what systems claim to do and what they actually do.

Field research on vulnerability classes, broken trust models, supply chain betrayals, and cryptographic assumptions that turned out to be wrong. By Kevlar — in the hash-and-trust business since before most CVE programs existed.

19 entries/2026/pgp-signed/rss

2026
  1. CVE-2026-39808: One curl to Root on the Box That's Supposed to Catch Malware

    ▸ latestCVE-2026-39808: One curl to Root on the Box That's Supposed to Catch Malware

    FortiSandbox 4.4.0–4.4.8 takes OS commands through a GET parameter with no authentication. The endpoint is the malware analysis interface. The irony is structural.

  2. CVE-2026-34621: Adobe Acrobat's Privilege Gate Inherits What It Checks

    CVE-2026-34621: Adobe Acrobat's Privilege Gate Inherits What It Checks

    A prototype pollution attack in Adobe Acrobat ≤26.001.21367 makes every object in the JavaScript engine report that it's trusted. The PoC on GitHub isn't a scanner. It's a cross-platform, lure-merged, environment-keyed, campaign-tracked PDF weaponizer that ships with a disclaimer.

  3. BlueHammer: What the Researcher Commented Out

    BlueHammer: What the Researcher Commented Out

    The most important line in CVE-2026-33825's hundred-kilobyte proof of concept is two comment characters. A line-by-line walk of FunnyApp.cpp, the batch oplock, the object namespace redirect, the Cloud Files freeze, and what the author chose not to ship.

  4. UnDefend: What Chaotic Eclipse Held Back This Time

    UnDefend: What Chaotic Eclipse Held Back This Time

    The third zero-day from the same researcher makes Defender permanently blind from a standard user account, no elevation required. A line-by-line walk of UnDefend.cpp, and the one mechanism that didn't ship.

  5. The Trust Inversion

    The Trust Inversion

    Six supply chain attacks. One method. The attack surface isn't your systems anymore, it's the tools and credentials that authorize access to them.

  6. RedSun: How Windows Defender's Remediation Became a SYSTEM File Write

    RedSun: How Windows Defender's Remediation Became a SYSTEM File Write

    The second zero-day from the same researcher who wrote BlueHammer. This one uses a two-phase oplock, a Cloud Files placeholder, and a named pipe session trick to make Defender write your binary into System32 as SYSTEM. A line-by-line walk.

  7. SAP NetWeaver CVE-2025-31324: When CVSS 10.0 Means What It Says

    SAP NetWeaver CVE-2025-31324: When CVSS 10.0 Means What It Says

    An unauthenticated file upload to webroot in one of the world's most critical business platforms. The attack is simple. The exposure is not.

  8. Axios, Sapphire Sleet, and 70 Million Weekly Installs

    Axios, Sapphire Sleet, and 70 Million Weekly Installs

    North Korea compromised the most-used HTTP client in the JavaScript ecosystem. The mechanism was a single compromised npm account.

  9. TeamPCP Came for the Scanners

    TeamPCP Came for the Scanners

    The March 2026 supply chain campaign didn't just compromise popular packages. It compromised Trivy and Checkmarx, the tools you use to detect supply chain compromises.

  10. Oracle Cloud: The Breach They Technically Didn't Deny

    Oracle Cloud: The Breach They Technically Didn't Deny

    Six million records, three weeks of denial, and a lesson in how large vendors parse their own security commitments.

  11. Prompt Injection Is a Supply Chain Attack

    Prompt Injection Is a Supply Chain Attack

    AI agents execute tool calls based on content from external sources. That content is attacker-controlled. The security industry hasn't caught up.

  12. MCP Servers: The New npm Left-Pad

    MCP Servers: The New npm Left-Pad

    AI agents install MCP servers to gain tools. The MCP server ecosystem has no code signing, no security audit, and no mechanism to verify a server does what it claims. We've been here before.

  13. Shai-Hulud: The First npm Worm

    Shai-Hulud: The First npm Worm

    A self-replicating worm tore through the npm ecosystem in September 2025. The mechanism was almost embarrassingly simple.

  14. xrpl.js: The Official Package Was the Threat

    xrpl.js: The Official Package Was the Threat

    Versions 4.2.1 through 4.2.4 of the official XRP Ledger JavaScript library exfiltrated wallet seed phrases. 4.2M weekly downloads. Discovered by accident.

  15. CLFS: Ransomware's Favorite Kernel Driver

    CLFS: Ransomware's Favorite Kernel Driver

    CVE-2025-29824 is the fifth exploited-in-wild LPE from the Windows Common Log File System driver. The driver has a design problem. The patch cycle hasn't addressed it.

  16. CrushFTP CVE-2025-31161: MFT Is the Target Now

    CrushFTP CVE-2025-31161: MFT Is the Target Now

    A pre-auth authentication bypass in CrushFTP. The vulnerability is interesting. Why MFT products keep showing up as primary targets is more interesting.

  17. tj-actions: Mutable Tags Were Always a Lie

    tj-actions: Mutable Tags Were Always a Lie

    The GitHub Actions supply chain attack that exposed CI secrets for 23,000 repositories wasn't sophisticated. It was inevitable.

  18. Bybit: $1.5B via a JavaScript Injection Nobody Was Looking For

    Bybit: $1.5B via a JavaScript Injection Nobody Was Looking For

    Lazarus poisoned the Safe{Wallet} front end. Hardware wallets signed exactly what they were told. The security model worked perfectly. The trust model had a hole.

  19. Ivanti: The Vulnerability Subscription

    Ivanti: The Vulnerability Subscription

    CVE-2025-0282 was exploited for at least 12 days before Ivanti disclosed it. Chinese APT had access to targeted networks while the patch was still being written. This is the third time in 12 months.