Articles by tag: security
Tor diskless nodes: protection against physical seizure
Learn how the new Tor architecture with diskless servers and TPM protects data during equipment seizure. Advantages and challenges of the technology.
Critical vulnerability in protobuf.js: threat to Google Cloud and Firebase
Vulnerability in protobuf.js allows code execution on the server. CVSS score 9.4. Services on Google Cloud and Firebase are at risk. Urgently update the library.
Vizir VLM: AI video analytics from CRT saves 90% of time
CRT presented «Vizir.VLM» — a vision-language model combining computer vision and AI. Learn how the solution understands video context and reduces operator workload.
IPv6 Reaches 50%: What Developers Should Do
IPv6 has exceeded the 50% traffic mark in Google for the first time. We analyze the technical and economic reasons for the transition and provide a checklist for engineers.
AI Code Crisis: Security and Review in 2026
Why do AI tools provide only 10% productivity boost with 91% increase in review time? Analysis of security crisis causes and process restructuring strategies. Learn how to avoid security debt.
Secure LLM Agents: CorpClaw-Lite for Business | Overview
CorpClaw-Lite solves security and scalability issues in LLM agents. Learn about strict isolation, support for local models, and multi-user mode. Read the technical overview.
NaiveProxy for iOS/macOS: free client and server
How to deploy a NaiveProxy tunnel on Apple devices in 2 minutes. Instructions for installing the server with one command and configuring the client. For developers and technical specialists.
Flatpak CVE-2026-34078 Vulnerability: sandbox escape
Full breakdown of CVE-2026-34078 in Flatpak: mechanism via symlink, exploitation, update to 1.16.4. Protect Linux systems from sandbox escape.
Pretext: text measurement without reflow in 0.05 ms
Pretext revolutionizes text measurement in the browser: from 94 ms to 0.05 ms without DOM reflow. Ideal for chats and virtualization. Learn the details and applications for middle/senior dev.
Backdoor in wait4(): Linux kernel vulnerability
Analysis of a real backdoor in the Linux kernel from 2003: how an assignment error in wait4() opened root access. Lessons for developers: code review, Git, fuzzing. Study the details of the attack.
10 sysadmin questions for IT infrastructure
Assess sysadmin competencies with 10 questions: backups, recovery, performance, security. Improve IT without tech knowledge. For SMB managers.
Night incident: monolith stabilization in prod
Breakdown of night alert in production: from pager to stabilization. SRE roles, security compromises, lessons on queues and DB. For middle/senior dev. Read the case.
CVSS v4.0: vulnerability metrics for IT
Break down CVSS Base, Temporal, Environmental metrics. Examples Log4Shell, EternalBlue. Patch prioritization for developers. Integrate into CI/CD — read the guide.
FIFO for one-time Docker Swarm secrets
How to protect secrets in Docker Swarm from docker exec: solution via named FIFO channels. One-time reading, without Vault. Implementation for middle/senior devops.
RBACX updates: ReBAC and AI policies
Learn about ReBAC, AI policy generation, and batch authorization in RBACX. Security fixes, Redis cache, async Django. Install and test for Python projects.
Frontend Digest: AI, CSS, Security 2026
Overview of GlassWorm threats, Osmani's AI agents, Anchor Positioning and browser features. For middle/senior dev: tools, updates, practices. Study now.
AI-agent Soyuz open source: security and KMP
Explore the desktop AI-agent Soyuz: open source project on Kotlin Multiplatform with a focus on security. Rejection of MCP, task graphs, GigaChat support. Download the source code and integrate into projects.
Development of an authorization service on Rust: tokens, encryption, Redis
Practical guide to creating an authorization service on Rust with JWT, opaque tokens and Redis. Learn about cryptography and best practices for developers.
Lightweight Linux distribution for schools based on Arch
Development of an optimized Linux distribution for educational institutions. Low system requirements, security, alternative to commercial OS.
Processing POST requests and files in Go: a guide for developers
Detailed guide on processing POST requests, file uploads, and creating in-memory storage in Go. Practical code examples and security recommendations.
Automation of TLS Certificates in Angie with ACME Module: Guide
Learn how to set up automatic obtaining and renewal of TLS certificates in the Angie web server with the ACME module. Detailed instructions for developers.
Security of AI Agents: Criticism of MCP and Terminal in Development
Why Current AI Agent Architectures Are Unsafe. Alternatives to MCP and guardrails for Developers. Learn How to Create Reliable Products.
WAF 2026 Comparison: Check Point Test Results and Padding Evasion Attacks
WAF Effectiveness Analysis in 2026. Learn which solutions are vulnerable to Padding Evasion attacks, and which provide full coverage. Check Point testing results.
Secure Obsidian Sync: Git and Encryption
Step-by-step guide to setting up Obsidian sync with Git and git-crypt. Keep your notes private with end-to-end encryption. Read the instructions.
Determining Linux Distributions by Packages via API KUMA
Learn how to automate OS inventory using Python and API KUMA. Package analysis for accurate determination of Linux distributions.