Random Oracle

Reckoning with address reuse: the post-quantum challenge for Bitcoin

Mix-and-match: risks of serial two-factor authentication

Crafting unusable public-keys [part II]

Crafting unusable public-keys [part I]

Fully reversible: stablecoins and asset-seizure on chain

The unbounded development team: promise and perils of AI coding assistants

On the limits of binary interoperability

Coinbase and the limits of DLP

The mystery network interface: unexpected exfiltration paths

ScreenConnect: “unauthenticated attributes” are not authenticated

The story behind ScreenConnect certificate revocation

The case for keyed password hashing

AWS CloudHSM key attestations: trust but verify

Spot the Fed: CAC/PIV card edition

Password management quirks at Fidelity

Saved by third-party cookies: when phishing campaigns make mistakes

QCC: Quining C Compiler