security
When the Pipeline Signs Your Malware: The May 2026 Supply-Chain Chain
Three supply-chain compromises in eight days self-propagated through SLSA-attested pipelines. The custodians signed the malware themselves.
microsoft
How I Spent Two Weeks Fighting Microsoft's Support System to Recover My Own Account: A Kafka-esque Journey Through Corporate Bureaucracy
Locked out of your Microsoft account as the sole admin? Join me on a 2-week odyssey through Microsoft's Kafkaesque support system. Learn the secret backdoors, magic words, and creative workarounds I discovered to finally recover my account. A survival guide born from corporate bureaucracy hell.
ghost
That Time I Thought I Got Pwned (But Was Just Being a Noob)
Woke up to suspicious AWS bot traffic hitting my Ghost API endpoints. Spent 5 minutes convinced I was hacked before realizing I'm just an idiot who never read the docs. Turns out Ghost's Content API key is supposed to be public. Who knew? (Everyone except me, apparently.)
TLS
The 47-Day Certificate: How Apple Killed the Annual SSL Renewal
The CA/Browser Forum just approved shrinking TLS certificates to 47 days by 2029. We'll soon pay the same price for commercial certs that expire faster than a DHCP lease. Time to embrace automation - those 'annoying' 90-day Let's Encrypt certificates suddenly look like visionaries.
homelab
Complete Guide: Setting Up a Custom Validated Domain for Your Homelab in 2025
Transform your homelab with a custom validated domain using Nginx Proxy Manager, Cloudflare, and wildcard SSL. Access services through clean, secure URLs instead of IP addresses and ports.