Pular para o conteúdo principal

Insights

Engenharia, segurança e infraestrutura — do ponto de vista de quem vive isso.

Security

Operation Escaneo: CloudSEK Exposes APT-Level Threat Against LATAM

CloudSEK discovered Operation Escaneo in June 2026: Kimera framework, 15 CVEs, Cisco router persistence and SAP/Oracle exploitation. LATAM has graduated to APT-level threats.

Gabriel FerraresiJul 4, 20264 min read
securityaptlatamcloudsekkimeraoperation-escaneothreat
AI

Autoguardrails: Karpathy's Autoresearch Transposed to AI Safety

Santander AI Lab turned Karpathy's autoresearch into autoguardrails: an agent that searches over policy.md to minimize Attack Success Rate without destroying benign pass. Same turnstile, different metric.

Gabriel FerraresiJul 3, 20264 min read
aiai-safetykarpathysantanderautoguardrailsautoresearchguardrails
Security

Backdoor.Turn: The Ransomware That Hid Inside Microsoft Teams for 2 Months

DragonForce used the Turn backdoor to abuse Microsoft Teams TURN relay infrastructure as C2. The first malware in the wild to turn collaboration traffic into a command and control channel.

Gabriel FerraresiJul 3, 20264 min read
securityransomwaredragonforcemicrosoft-teamsturn-relayc2byovd
Security

The Honest Mistake: Lateral Movement via WMI That Bypassed 47 Micro-Segmentation Policies

We almost missed a lateral movement attack via WMI during an incident response. The lesson that changed our IR methodology at Tech86.

Gabriel FerraresiJul 2, 20264 min read
securitylateral-movementwmimicro-segmentationincident-response
Security

Dual Attacker: When a Cryptominer is a Smoke Screen for PIX Exfiltration

Real incident response case at a Brazilian payment processor where an XMRig cryptominer hid a second actor exfiltrating digital certificates and PIX transaction data.

Gabriel FerraresiJul 1, 20264 min read
securityincident-responsecryptominerdigital-forensicsdual-attacker
AI

Mythos 5, Fable 5 and the Kill-Switch: One Letter Turned Off AI in 100+ Countries

A Friday letter shut down Mythos 5 and Fable 5 in 100+ countries. The first export control on a commercial AI model via API — and what it means for your infrastructure sovereignty.

Gabriel FerraresiJul 1, 20264 min read
aisovereigntyanthropicexport-controlmythosfablegeopolitics
AI

Brazil-EU: AI Sovereignty and the R$ 2 Billion Supercomputer

Brazil joins the EU Digital Partnership and announces R$ 2 billion for a sovereign supercomputer. We analyze the two moves and the three bottlenecks that remain.

Gabriel FerraresiJun 30, 20265 min read
aisovereigntybrazileusupercomputerinfrastructuregeopolitics
AI

GLM-5.2 Z.AI: The First Open-Weight Frontier at Parity with Claude and GPT

Z.AI's GLM-5.2 is the first open-weights model that sustains production at parity with Claude and GPT, charging a tenth per token. MoE architecture, benchmarks, and deployment.

Gabriel FerraresiJun 29, 20264 min read
aiglmzaiopen-weightsfrontiermodelsinference
Security

WhatsApp Usernames: The Privacy Win That Opens New Attack Surfaces

WhatsApp launched usernames on June 29, 2026, hiding phone numbers but creating squatting, visual similarity phishing, and cross-platform linking. Technical analysis from Tech86.

Gabriel FerraresiJun 29, 20264 min read
securitywhatsappprivacyphishingusername
Security

Dígitro: The Leak That Exposed the Blueprint of State Surveillance

3.39 TB of source code and data from Dígitro leaked on DDoSecrets. Guardião, the lawful interception platform used by 150+ institutions, had its blueprint exposed. Analysis of the technical and legal impact.

Gabriel FerraresiJun 28, 20264 min read
securitydata-leaklawful-interceptiondigitrosovereignty
Security

FortiBleed: The Attack That Turned 430K Firewalls Into Network Sniffers

FortiBleed compromised 86K+ FortiGate firewalls and turned 19K+ into active traffic sniffers. The industrialized operation that abuses legitimate FortiOS commands to capture credentials in real time.

Gabriel FerraresiJun 28, 20265 min read
securityfirewallfortigatecredentialssniffing
Security

Private Cyber Armies: When AI Becomes a Weapon of War

The US government spends $1B on cyberattacks while cutting $1.2B from defense. Two cybersecurity startups reveal the privatization of cyber warfare — and the governance vacuum that comes with it.

Gabriel FerraresiJun 27, 20264 min read
securityaigeopoliticscyberdefensegovernance
AI

Mechanical Governance for LLMs: The mech-gov-framework and the EU AI Act

27% of LLM deferrals carry zero decision-relevant information. Santander's mech-gov-framework solves this with 4 mechanical primitives — with direct implications for the EU AI Act.

Gabriel FerraresiJun 27, 20264 min read
aigovernanceeu-ai-actllmregulation
Security

Miasma and IronWorm: When the Supply Chain Learns to Infect Your AI Agent

Two supply chain worms in June 2026 rewrote AI agent instructions and installed eBPF rootkits. Technical analysis of Miasma and IronWorm — and how to protect your agents.

Gabriel FerraresiJun 27, 20265 min read
securitysupply-chainainpmagents
Security

Agentjacking: Hijacking AI Coding Agents via Sentry MCP

Attack discovered by Tenet Security hijacks AI agents via Sentry MCP with 85% success rate. 2,388 orgs with exposed DSNs. Open-source mitigation available.

Gabriel FerraresiJun 26, 20265 min read
securityaimcpagentjackingsentry
FinOps

Metered Token Billing: Why Flat-Rate Pricing for AI Coding Is Dead

Between March and June 2026, every AI coding tool migrated to metered token billing. The real numbers, Jevons Paradox, and what it means for engineering organizations.

Gabriel FerraresiJun 26, 20263 min read
finopsaibillingtokensdevelopers
Security

NVIDIA SkillSpector: The Scanner That Proved AI Skills Security Needs More Than Static Analysis

26% of AI skills contain vulnerabilities and 5% are likely malicious, according to Liu et al. NVIDIA launched SkillSpector — but Trail of Bits proved static scanners can be bypassed in under 1 hour.

Gabriel FerraresiJun 26, 20264 min read
securityainvidiaskillssupply-chain
AI

Xiaomi MiMo Code: The Open-Source Coding Agent That Challenges Claude Code

Xiaomi released MiMo Code, an open-source coding agent under MIT license that outperforms Claude Code on self-reported benchmarks. But the caveats matter as much as the numbers.

Gabriel FerraresiJun 26, 20264 min read
aiopen-sourcexiaomicodingagents
Security

Brazil Civil Defense Hack: Cell Broadcast Compromised, 200 Million Without Alerts

Brazil's IDAP platform was hacked on June 19, 2026. Attacker sent false Extreme-level alerts to millions of phones. System remains offline — and Cell Broadcast by design lacks cryptographic authentication.

Gabriel FerraresiJun 21, 20263 min read
securitycell-broadcastbrazilcritical-infrastructurecivil-defense
IA

SantanderAI: The Bank That Open-Sourced Its AI Stack

Santander published 14 repositories on GitHub — including a mechanical governance framework, synthetic fraud graph generator, and vendor-agnostic LLM bridge. Zero real customer data. The European playbook for banking AI.

Gabriel FerraresiJun 21, 20264 min read
aiopen-sourcebankinggovernancesecurity
AI

AI Writes 8× More Code — and Review Time Jumps 441%

Data from Anthropic, Faros AI, and GitClear shows AI accelerates code output but creates a review bottleneck. Code churn +861%, defects +54%. How to redesign the pipeline.

Gabriel FerraresiJun 17, 20263 min read
aicode-reviewengineeringproductivityquality
Security

Claude Code: 6 Disclosures, 1 Real Attack, and the Architectural Disease

A structural vulnerability in the Claude Code GitHub Action produced 6 separate disclosures, 1 source code leak, and 1 real supply chain attack. The patch covers a symptom — the disease is architectural.

Gabriel FerraresiJun 17, 20265 min read
claude-codesecuritysupply-chainci-cdprompt-injection
Security

SearchLeak: P2P Injection + Bing SSRF Exfiltrates M365 Copilot Data

CVE-2026-42824 discovered by Varonis enables data exfiltration from M365 Copilot Enterprise via prompt injection in the search parameter and SSRF through Bing. One click is enough.

Gabriel FerraresiJun 17, 20265 min read
copilotprompt-injectionssrfm365security
Security

Gentlemen Ransomware: FortiGate Worm, 478 Victims in 10 Months

The Gentlemen RaaS exploits CVE-2024-55591 in FortiGate for worm propagation with 21 lateral movement techniques. 478+ victims, 66 countries, and an encryptor that makes decryption functionally impossible.

Gabriel FerraresiJun 17, 20264 min read
ransomwarefortigateperimeter-securitycveworm
Security

Google GTIG: The First AI-Developed Zero-Day in the Wild

Google GTIG identified the first AI-developed zero-day used by criminals. A 2FA bypass via semantic logic flaw — the vulnerability class LLMs find and fuzzers cannot.

Gabriel FerraresiJun 17, 20264 min read
zero-daysecurityaiexploitfuzzing
Security

GREYVIBE: First Forensic Case of Commercial AI Across the Entire Kill Chain

WithSecure documented the first forensic case of a threat group using commercial AI across every phase of the kill chain against Ukraine. What it means for cyber defense.

Gabriel FerraresiJun 17, 20263 min read
securityaicyber-threatskill-chainukraine
Security

n8n-mcp: CVSS 9.9 IDOR Exposes All Tenants' Credentials

CVE-2026-54052 (assigned by Manifold Security; pending NVD publication) in n8n-mcp lets any authenticated tenant read every other tenant's credentials. Fifth multi-tenant security issue in 2026 — the persistence layer was never isolated.

Gabriel FerraresiJun 17, 20264 min read
n8nidormcpmulti-tenantsecurity
Architecture

Tech86 Partner Program: Sell Complex Projects Without Hiring a Team

The Tech86 partner program enables consultancies, agencies, and integrators to sell complex engineering projects without a senior technical team. Recurring revenue share, engineering as a service, and account protection.

Gabriel FerraresiJun 17, 20265 min read
partnersrevenue shareengineering as a serviceclouddevopsparceria cloudcanal de parceirosrevenda infraestrutura
Security

SHEETCREEP: APT Uses Google Sheets as Network-Invisible C2

SHEETCREEP, a RAT linked to APT36, uses Google Sheets as command-and-control infrastructure. Traffic indistinguishable from legitimate Google Workspace requires endpoint-level detection.

Gabriel FerraresiJun 16, 20264 min read
apt36c2google-sheetssecurityedr
Security

Foxconn vs Nitrogen: Encryptor Bug Makes Ransom Payment Futile

Coveware reverse-engineered the Nitrogen ESXi encryptor and found a bug that corrupts the public key. Decryption is mathematically impossible. Foxconn was hit in May — approximately 3 months after disclosure. Paying does not help.

Gabriel FerraresiJun 15, 20264 min read
ransomwarenitrogenfoxconnencryptor bugesxi
Security

Tchap: Infrastructure Sovereignty Doesn't Protect Against Compromised Credentials

France's sovereign messenger exposed data of 73,467 public agents after a single account was compromised via social engineering. Why infrastructure sovereignty is not a substitute for credential security.

Gabriel FerraresiJun 15, 20264 min read
tchapsecuritysovereigntysocial engineeringmatrix
Security

LangGraph: From SQL Injection to RCE Through AI Agent Memory

Check Point Research documented an exploitation chain from SQL injection to remote code execution through the LangGraph checkpointer — the persistence layer that gives the agent memory is the same one that gives the attacker persistence.

Gabriel FerraresiJun 15, 20264 min read
langgraphsql injectionrcesecurityai agentsdeserialization
Security

Sophos CTU: AI-Powered Ransomware Lab Tests EDR Evasion at Scale

Sophos discovered a ransomware development lab using AI to accelerate development and test EDR evasion. Nearly 80 modules, 70+ techniques. What changes for your defense.

Gabriel FerraresiJun 15, 20264 min read
sophos cturansomwareartificial intelligenceedr evasionendpoint securityclaude
Security

CISA BOD 26-04 and EO 14409: AI in Federal Cyberdefense

CISA replaced CVSS with 4 binary patching factors. EO 14409 mandated AI-powered defense acceleration. What changes for security operations in practice.

Gabriel FerraresiJun 13, 20264 min read
securitycisaaipatchingcompliance
Security

Ivanti Sentry CVSS 10.0: Unauthenticated RCE as Root

CVE-2026-10520 in Ivanti Sentry enables unauthenticated command injection with root execution. CVSS 10.0, public PoC, CISA KEV. Real timeline and data.

Gabriel FerraresiJun 13, 20264 min read
ivantizero-dayrcecisa kevcommand injection
Security

Nightmare Eclipse: 8 Zero-Days Against Microsoft in 10 Weeks

A solo researcher exploited 8 vulnerabilities in the Microsoft ecosystem — including SYSTEM LPE, BitLocker bypass, and Defender TOCTOU. What this means for your defense.

Gabriel FerraresiJun 13, 20264 min read
microsoft defenderzero-dayendpoint securitybitlockeredrpatch tuesday
Security

ShinyHunters Exploited PeopleSoft Zero-Day for 13 Days Before Advisory

CVE-2026-35273: unauthenticated RCE in Oracle PeopleSoft exploited for 13 days before Oracle published an advisory. 454K sensitive records leaked. What this reveals about the patch cycle.

Gabriel FerraresiJun 13, 20264 min read
securityzero-dayrcepeoplesoftedr
Security

N-day Became N-hour — The Myth of the Safe Patch Window

Anthropic demonstrated that Mythos Preview generates functional exploits in hours, not weeks. Cost per privilege escalation chain dropped to $2K. The monthly patch cycle has become structurally inadequate.

Gabriel FerraresiJun 12, 20263 min read
securityaiexploitvulnerabilitypatching
Security

Miasma Worm: When Trust Infrastructure Becomes the Attack Itself

How the Miasma Worm exploited SLSA, Sigstore, and legitimate credentials to compromise npm, PyPI, and Microsoft repositories in 7 days — without a single CVE.

Gabriel FerraresiJun 12, 20264 min read
supply chainsecuritymiasma wormnpmpypiai
FinOps

BigQuery LIMIT 100: The Illusion Draining Your OPEX

SELECT * with LIMIT 100 in BigQuery scans the entire table and charges by bytes read. TABLESAMPLE SYSTEM cuts processing by 95%. Real FinOps data.

Gabriel FerraresiJun 11, 20264 min read
finopsbigquerytablesampleoptimizationdata-engineering
AI

Google Cloud Next 2026: Infrastructure the Agentic Enterprise Needs

From TPU v8 to Agent Gateway, Virgo Network to Agentic Defense — what Google Cloud Next 2026 means for teams running agents at scale and why governance beats building.

Gabriel FerraresiJun 11, 20264 min read
google-cloudai-agentsagentic-infrastructuretpusecurity
Security

AI Compressed the Vulnerability Window — Microsoft Says So

Microsoft declared that AI can autonomously discover, chain, and exploit vulnerabilities. The discovery-to-exploitation window collapsed. What this means for your security operations.

Gabriel FerraresiJun 11, 20264 min read
securityaivulnerabilitypatchedr
FinOps

AI Inference FinOps Playbook: 5 Levers in the Right Order

80-90% of AI cost goes to inference. Five measurable levers, in priority order, to cut 50-90% of waste without sacrificing quality.

Gabriel FerraresiJun 6, 20265 min read
finopsaiinferencecachingmodel routing
Security

Claude Code in Your Pipeline: The Structural Hole and Rule of Two

Claude Code GitHub Action exposes credentials via unsandboxed Read tool. Microsoft steals keys in two steps. RyotaK: 50 bypasses. The Rule of Two you need to adopt.

Gabriel FerraresiJun 6, 20264 min read
claude codeci/cdprompt injectionsecuritygithub actions
AI

Malicious LLM API Routers: The Invisible Threat Inside Your AI Agents

428 routers tested, 9 injecting code, 1 draining Ethereum. How malicious LLM API routers compromise AI agents without detection.

Gabriel FerraresiJun 5, 20263 min read
llmapi routerssecurityai agentssupply chain
FinOps

State of FinOps 2026: 73% Blew Their AI Budget

State of FinOps 2026 data: 73% of organizations exceeded AI budget, only 20% predicted spend within ±10%. FinOps is now technology value management.

Gabriel FerraresiJun 5, 20264 min read
finopsaicloud costgpubudget
Security

iFood Data Breach: 1.2M vs 43M and the Risk They Denied

iFood leaked CPF of 1.2 million users, failed to notify Brazil's ANPD, and claimed no relevant risk. The 36x discrepancy and what it reveals about LGPD enforcement.

Gabriel FerraresiJun 4, 20264 min read
ifooddata breachlgpddata protectionanpd
Security

Chrome DBSC: session cookie theft is finally over

DBSC binds session cookies to hardware via TPM. Stolen cookies expire without the key. The most significant browser security improvement in years — but it's one layer.

Gabriel FerraresiJun 3, 20264 min read
chromedbscinfostealermfasession cookie
AI

LLM Agent Worms: Zero-Click Propagation Across Frameworks

The first autonomous worm propagating between LLM agents without human interaction. Zero-click, cross-platform, 3 hops. Defense requires a formal theorem.

Gabriel FerraresiJun 3, 20265 min read
wormllmai agentszero-clicksecurity
AI

MemPoison + MCFA: The Memory Attack Surface in LLM Agents

Memory attacks on LLM agents reach 95% success. MemPoison poisons memory, MCFA hijacks control flow. Current defenses are insufficient.

Gabriel FerraresiJun 3, 20264 min read
memoryllmai agentssecuritymemory poisoning
AI

PoisonedSkills: Skill Docs That Make AI Agents Run Malware

PoisonedSkills uses skill documentation to execute payloads in AI coding agents via DDIPE. 33.5% bypass rate. 4 CVEs. Skill registries are the new supply chain.

Gabriel FerraresiJun 3, 20264 min read
poisoned skillsaisupply chainai agentssecurity
Security

CVE-2026-41089: One UDP Packet Takes Down Your DC

CVE-2026-41089 in Windows Netlogon allows unauthenticated DoS via UDP 389. CVSS 9.8, active exploitation confirmed. Learn how to protect your DCs.

Gabriel FerraresiJun 2, 20264 min read
netlogonwindowsactive directorydomain controllerdos
Security

WP Maps Pro: Backdoor by Design and Full Admin Takeover

CVE-2026-8732 in WP Maps Pro enables unauthenticated admin takeover. CVSS 9.8, 15,800 sites exposed. A frontend nonce is not authentication.

Gabriel FerraresiJun 2, 20265 min read
wordpresspluginadmin takeoverbackdoorcve
Security

CIFSwitch: 19-Year Kernel Bug Gives Root in 1 Syscall

19-year Linux kernel vulnerability lets any unprivileged user get root via request_key and cifs.upcall. Public PoC. Enterprise servers exposed.

Gabriel FerraresiJun 1, 20265 min read
linuxkernelcifswitchlpecifs
FinOps

Vercel Bill Shock: Why Headless Without FinOps Fails

38% of headless merchants lost revenue in 90 days. Vercel Pro jumps from $20 to $2,000. FinOps is what separates scale from loss.

Gabriel FerraresiJun 1, 20265 min read
finopsvercelheadlesscloud costcdn
Security

GlobalProtect Auth Bypass: Your VPN Perimeter Just Broke

CVE-2026-0257 in PAN-OS GlobalProtect enables authentication bypass with CVSS 9.1. Active exploitation, CISA KEV. Real data from Rapid7 MDR.

Gabriel FerraresiMay 31, 20264 min read
vpnglobalprotectpalo altoauthentication bypasszero-trust
Security

CVE-2026-46230: Windows Kernel RCE with SYSTEM via SMB/RDP

CVE-2026-46230 in the Windows kernel enables unauthenticated RCE with SYSTEM via SMB and RDP. CVSS 9.8, public PoC. Learn how to protect your infrastructure.

Gabriel FerraresiMay 31, 20264 min read
windowskernelrcesmbrdp
Security

FortiClient EMS: When Your Antivirus Becomes the Attack

CVE-2026-35616 in FortiClient EMS enables pre-auth API bypass, CVSS 9.1. Attackers push EKZ Stealer via EMS and steal session cookies, bypassing MFA.

Gabriel FerraresiMay 30, 20264 min read
forticlientekz stealerendpointmalwarecisa
Security

PoolSlip and Gogs: Two Zero-Days Exposing Your Infra

CVE-2026-9256 (CVSS 9.2) in NGINX and Gogs zero-day CVSS 9.4 with no patch for 2+ months. Two entry points no one can afford to ignore.

Gabriel FerraresiMay 30, 20264 min read
nginxpoolslipgogszero-dayrce
Security

CVE-2026-48172: LiteSpeed CVSS 10.0 and Shared Hosting Risk

CVE-2026-48172 in LiteSpeed cPanel Plugin scores CVSS 10.0 — any tenant becomes root. Why shared hosting breaks by design with this class of vulnerability.

Gabriel FerraresiMay 29, 20265 min read
litespeedcpanelcvss 10shared hostingrce
Security

TrapDoor, TanStack and npm: When AI and Registry Become the Attack

TrapDoor plants invisible instructions in .cursorrules. TanStack steals OIDC tokens. 33 npm packages impersonate corporate namespaces. Three vectors, same result.

Gabriel FerraresiMay 29, 20264 min read
supply chainnpmaitrapdoorcursor
FinOps

FinOps for AI: Cost-per-Token and the GPU You Don't Use

73% of AI projects blow their budget. GPU utilization sits at 15-30%. Learn to measure cost-per-token and recover up to half your inference budget.

Gabriel FerraresiMay 28, 20264 min read
finopsaigpucost-per-tokencloud
AI

LLM Self-Replication Worm: From 6% to 81% in One Year

Palisade Research documented the first LLM self-replication worm: 4 hops, 3 continents, zero human intervention. Success rates jumped from 6% to 81% in 12 months.

Gabriel FerraresiMay 28, 20265 min read
self-replicationaiwormsecurityagents
AI

Prompt Injection Is the New SQL Injection — Now It Leads to RCE

73% of AI deployments have prompt injection. Chatbots leak data via markdown rendering. Semantic Kernel enables RCE via Startup folder. Data and defenses.

Gabriel FerraresiMay 28, 20265 min read
prompt injectionaircesecuritychatbot
Security

WordPress Security Crisis: 11,334 Flaws and the Headless Exit

WordPress hit 11,334 new vulnerabilities in 2025 (+42% YoY). Headless architecture removes the attack surface structurally and cuts LCP by 75%.

Gabriel FerraresiMay 28, 20264 min read
wordpressheadlesssecuritynext.jsmigration
Security

Dirty Frag: Deterministic LPE to Root via Container Escape

CVE-2026-43284 + CVE-2026-43500 chain two kernel bugs into a deterministic root shell. AI inference nodes with GPU access are the highest-value targets.

Gabriel FerraresiMay 27, 20265 min read
dirty fraglinuxcontainer escapekuberneteslpe
AI

Prompt Injection Is State Poisoning — Your Agent Is Exposed

CoT Forgery and Trojan Hippo prove prompt injection poisons internal model state. The security boundary is in the wrong place. Here is what changes.

Gabriel FerraresiMay 27, 20264 min read
prompt injectionaisecurityagentsstate poisoning
Security

SGLang: 4 unpatched RCEs in the AI inference server

Four RCE vulnerabilities in SGLang, the AI inference server running on 400K GPUs — three unpatched and the maintainer ignores CERT/CC.

Gabriel FerraresiMay 27, 20265 min read
sglangrcesecurityai inferencevulnerability
Security

Defender Zero-Days: When the Protector Becomes the Attack Vector

SYSTEM-privilege CVEs and Microsoft-signed malware prove that blind trust in Defender is the real vulnerability your organization faces.

Gabriel FerraresiMay 25, 20265 min read
microsoft defenderzero-dayendpoint securityransomwareedr
AI

AI Writes Zero-Days Now — and the Window Collapsed

How AI moved from finding vulnerabilities to writing exploits and self-replicating through them — and why the discovery-to-exploitation window collapsed in 2026.

Gabriel FerraresiMay 24, 20266 min read
aisecurityzero-dayexploitcybersecurity
Security

Supply Chain 2026: When Trust Became the Attack Vector

How SLSA provenance, code signing, and CI/CD became the attack vectors for supply chain attacks in 2026 — and what your company must do now.

Gabriel FerraresiMay 23, 20266 min read
supply chainsecuritynpmci-cdmalware
Infrastructure

Infrastructure AI Needs: Co-Design Is the New Paradigm

NVIDIA invested $40B in infrastructure and Vera Rubin proves it: the AI bottleneck isn't silicon — it's energy, fiber, and orchestration. The data center is the unit of compute.

Gabriel FerraresiMay 22, 20265 min read
infrastructureainvidiadata centerco-design
Security

Drupal SQL Injection: When the Abstraction Fails

CVE-2026-9082 exposed SQL injection in Drupal's abstraction API. 15K attacks in 48h. The patch was one line. Lessons on blind trust in frameworks.

Gabriel FerraresiMay 20, 20265 min read
drupalsql injectionweb securitycvepostgresql
Security

NGINX Rift: 18-Year Bug Found by AI in 6 Hours

CVE-2026-42945: heap overflow in NGINX since 2008. AI found it in hours; patching thousands of instances takes weeks. The asymmetry that changes everything.

Gabriel FerraresiMay 19, 20265 min read
nginxsecurityaivulnerabilityheap overflow
AI

SEO for AI: Google's Official Guide That Changes Everything

Google published the definitive SEO guide for AI search. The message: there is no AEO or GEO. The same fundamentals that worked in 2020 work in AI Mode today.

Gabriel FerraresiMay 16, 20265 min read
seoaigoogleai overviewssearch
Security

PROMPTSPY: the Android malware that uses AI to operate your phone

The first Android malware powered by generative AI reads your screen, thinks, and acts autonomously. Technical analysis and defense strategies.

Gabriel FerraresiMay 15, 20264 min read
malwareaiandroidmobile securitygemini
Security

NATS as C2: When Your Infrastructure Becomes the Weapon

Attackers use NATS pub/sub as an invisible C2 channel. Learn how to detect and block malicious traffic disguised as legitimate microservice communication.

Gabriel FerraresiMay 14, 20264 min read
natsc2securitymicroserviceslangflow
Infrastructure

Containers Don't Isolate Workloads: CopyFail & DirtyFrag

Page cache CVEs collapse container isolation in Kubernetes. Why patches aren't enough and which architecture actually solves it.

Gabriel FerraresiMay 13, 20265 min read
kubernetessecuritylinux kernelcontainerspage cache
FinOps

AI FinOps: Model Selection Is Unit Economics

Paying 21x more for 0.6% better benchmarks is capital waste. Learn how to select AI models based on real cost and throughput per dollar.

Gabriel FerraresiMay 11, 20264 min read
finopsaimodel selectioncostsllm
Architecture

The Harness Beats the Model — Claude Code Architecture

Claude Code has 1,900 TS files. Only 1.6% is AI logic. The other 98.4% is control infrastructure — and that's what separates reliable agents from demos.

Gabriel FerraresiMay 1, 20264 min read
claude codearchitectureaiagentssoftware engineering

Tech86 Specialist

Online now

Hello! How can we help scale your business today?

Tech86 Engineering

We Value Your Privacy

We use cookies and similar technologies to optimize your experience, analyze site traffic, and personalize content. By clicking "Accept All", you agree to the use of all cookies. Read our Privacy Policy.