February 2026
Caging AI agents with SPIFFE/SPIRE, cryptographic identity, 60-second certificate lifetimes, and a real kill switch. Because hope isn't a security strategy.
AI Agents SPIFFE/SPIRE Zero TrustWriting about things I'm building, breaking, and thinking about.
Caging AI agents with SPIFFE/SPIRE, cryptographic identity, 60-second certificate lifetimes, and a real kill switch. Because hope isn't a security strategy.
AI Agents SPIFFE/SPIRE Zero TrustFound an LDAP injection variant in Bouncy Castle that was missed when CVE-2023-33201 was patched two years ago. Same bug, different code path.
Bouncy Castle LDAP Injection CVE-2026-0636A path traversal vulnerability in Grafana Loki that could allow unauthorized file access.
Grafana Path Traversal CVE-2026-21726A Zip Slip vulnerability in the Ghidra reverse engineering tool that could lead to arbitrary file writes during archive extraction.
NSA Ghidra Zip Slip