Background
Who I am
I'm a System Engineer and IAM (Identity & Access Management) Engineer. My work centers on designing and hardening infrastructure, identity systems, and access controls so that the right people and systems get the right access — and nothing more.
On the backend, I spend most of my time in Entra ID, Okta, AWS IAM, and custom IdP integrations — writing policies, auditing access, and building zero trust frameworks that actually hold up under pressure. I automate everything with Terraform, Python, and PowerShell because manual processes don't scale and they breed drift.
On iOS, I build tools like Autheris — a secure 2FA token manager that lives entirely on-device. The goal is to take the same security principles I apply to cloud infrastructure and make them practical in the palm of your hand. This site is where I showcase those projects and point to their dedicated pages. When I'm not building, I write about IAM hardening, authentication patterns, and threat intelligence on the blog.
Latest
Recent posts
Security research, technical deep-dives, and threat intelligence. View all posts →
Miasma Worm Takes Down 73 Microsoft GitHub Repositories
The Miasma self-replicating supply chain worm campaign just hit 73 Microsoft GitHub repositories across Azure, Azure-Samples, Microsoft, and MicrosoftDocs organizations. Same threat actors from May's PyPI compromise likely still held valid credentials.
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
CISA added Mirasvit Cache Warmer deserialization flaw CVE-2026-45247 (CVSS 9.8) to the KEV catalog. Federal patch deadline is June 24. Active exploitation confirmed.
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A security flaw in Anthropic's Claude Code GitHub Action allowed attackers to take over vulnerable public repositories with nothing more than a single malicious issue. Because Anthropic's own action repo used the same vulnerable workflow, a successful attack could have pushed malicious code into the action itself.