Part 3 of “Building Resilience in a Globalized Digital Economy.” After NPM worms and full-spectrum supply-chain armageddon, here’s the ugly
Author: ☣️ Mr. The Plague ☣️
Anthony Russell is a long-time senior software engineer, over 14 years of professional experience, with a focus in information security and penetration testing.
Anthony is a professional at
- Application Security and Development
- .NET software engineering
- Penetration Testing
- Code Reviews and Security Auditing
He is also the founder and lead engineer at SquidSec. In his free time he enjoys playing HackTheBox, VulnHub, and Warcraft
From Shai-Hulud worms cascading across npm to UEFI bootkit persistence and MSP credential abuse turning one breach into hundreds—2025–2026 proved
If you read my last deep-dive on NPM supply-chain risks, you remember the punchline: the JavaScript ecosystem is a house
Active Directory (AD) reconnaissance is a critical step in red team engagements, penetration testing, and security assessments. Traditionally, tools like
Ubisoft data breach 2025 In the world of enterprise information security, few incidents highlight the perils of backend misconfigurations and
In the world of ethical hacking and penetration testing, visualizing attack paths and managing command history can make all the
The Node Package Manager (npm) registry faced unprecedented supply chain attacks throughout 2025, marking a significant escalation in threats targeting
Introduction We saw this in 2019 after James popularized modern desync attacks. We saw it again in 2024 after his
In the ever-evolving landscape of offensive security—where cloud misconfigs, Active Directory attacks, and living-off-the-land binaries dominate engagements—speed and muscle memory
Microsoft has released out-of-band security updates to address a critical remote code execution vulnerability in on-premises SharePoint Server that is