This is the story of a subtle workflow error that polluted our logs and kept triggering pointless alerts. It lingered in the background long enough. I decided to track it down and fix it for good. Enough is enough.

For my latest client, I’ve been working with C# and ASP.NET Core, using Entity Framework (EF) Core as the ORM. This gave me the chance to explore how relationships between entities are modeled and and how EF Core loads related data.

Last week, two security patches were added to Rails. One of them was meant to guard against the ANSI escape injection [CVE-2025-55193], a vulnerability affecting Active Record logging. I was curious what an attacker could achieve by exploiting this vulnerability. Here, I logged my findings and created a simple PoC.

Docker is a tool I often use, both for developing personal projects and also during my Cybersec studies. Recently, I researched how Docker builds an image and discovered ways to limit the image size.

One recent contribution to the Rails codebase caught my attention. It concerns the distance_of_time_in_words method. The fix is meant to prevent a possible Denial of Service while using this method.

My findings after implementing the DNS query without any library. This domain name system is nicely tucked away in the network drawers, so you don’t even notice it. Nonetheless, it is used by everyone on the internet multiple times a day.

I’m continuing the practice of reflecting on the year that passed.

After deploying my VPS and taking steps to secure it, I had the original SSH port (22) inactive. But it kept me curious about the default SSH activity going on there. How much brute forcing is happening on a publicly exposed server? I started experimenting with honeypots to find out more.

Ruby offers an easy way to benchmark the code. Here is some syntax for basic benchmarking.

The N+1 query problem is a common performance issue encountered in Rails applications.

There are two main threat actors for your VPS: bots and real people (manually testing access).

SQL injection opens the way to data manipulation and theft, but I recently discovered that it can be an attack vector enabling remote code execution (RCE). This highly critical vulnerability gives the attacker access to the target machine.

As a casual owner of a human brain, I tend to overlook my accomplishments and instead focus on the negatives. I am writing this annual review as an opportunity to reflect on my journey.

A remedy for trust issues with cloud providers.

Polyglot files captivated me while learning cybersecurity. Their clever ability to trick a server and the potential for high-severity attacks made me want to know more about them. Even though one might use various tools for creating them, I was curious how it is done at the byte level.