Ian's Blog
Cybersecurity, product management, AI, and building things that matter.
cybersecurity
GlassWorm Has Had a Busy March
433 compromised components across GitHub, npm, VSCode, and OpenVSX in two weeks. Here is what GlassWorm is doing, how it works, what to check right now, and how to vet extensions before you install them.
cybersecurity
A Perfect 10 That Nobody Noticed for a Month
Cisco's firewall management center had a CVSS 10.0 zero-day sitting in the wild for weeks before anyone said anything publicly. This is not a new story, just a familiar one.
cybersecurity
Attackers Got 4x Faster. Did Your Security Team?
Unit 42 says attackers are moving four times faster than they were a year ago. Having watched incident response evolve over two decades, I can tell you the real problem is not the speed.