CVE-2026-31431 is a straight-line logic flaw in the Linux kernel's AF_ALG crypto API that's been exploitable on every major distro since 2017. Magento hosts are high-priority targets. Here's what you need to do right now.
GitHub accidentally included webhook secrets in HTTP headers between September 2025 and January 2026. Here's what happened, who's affected, and what you need to do about it.
How to guide on checking if your Magento 2 store is safe from the Polyshell vulnerability. And guidance on how to patch and secure your site if it is not.
Adobe's new monthly isolated patch approach for Magento creates maintenance burden. Here's how a community meta-package can help restore sanity to security patching.
Why I’m consolidating my blog and documentation into my main site: reducing infrastructure, improving clarity, and strengthening my personal brand and SEO.
Learn how to integrate Sansec Ecomscan into Magento 2 CI/CD pipelines to detect malware, enforce security patches, and secure build artifacts. Step-by-step guides for GitHub Actions and Bitbucket Pipelines included.
I rebuilt small projects to test AI for frontend, SEO and UI. Here’s what helped, what broke, and how I’d use it again.
Cloudflare accidentally took half the internet down for half a day, right before Black Friday. What can we learn from this, and how can we engineer more resilient infrastructure to survive similar outages in the future?
How to guide on checking if your Magento 2 store is safe from the Session Reaper (CVE-2025-54236) exploit. And guidance on how to patch and secure your site if it is not.
Approaches to simply deploying patches across a large inventory of Magento 2 deployments