Background
Who I am
I'm a System Engineer and IAM (Identity & Access Management) Engineer. My work centers on designing and hardening infrastructure, identity systems, and access controls so that the right people and systems get the right access — and nothing more.
On the backend, I spend most of my time in Entra ID, Okta, AWS IAM, and custom IdP integrations — writing policies, auditing access, and building zero trust frameworks that actually hold up under pressure. I automate everything with Terraform, Python, and PowerShell because manual processes don't scale and they breed drift.
On iOS, I build tools like Autheris — a secure 2FA token manager that lives entirely on-device. The goal is to take the same security principles I apply to cloud infrastructure and make them practical in the palm of your hand. This site is where I showcase those projects and point to their dedicated pages. When I'm not building, I write about IAM hardening, authentication patterns, and threat intelligence on the blog.
Latest
Recent posts
Security research, technical deep-dives, and threat intelligence. View all posts →
Cursor Prompt Injection Flaws Escape Sandbox, Execute Commands on Developer Machines
Two critical flaws in Cursor let poisoned prompts break out of the AI editor's sandbox and run commands on developer machines. CVE-2026-50548 and CVE-2026-50549 are zero-click attacks that work via MCP servers or web search results.
FBI Seizes NetNut Proxy Platform, Popa Botnet
The FBI just seized hundreds of domains tied to NetNut, a residential proxy service running on two million compromised smart TVs and streaming boxes. The same infrastructure was powering the Popa botnet.
Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts
81 million login attempts from a single IPv6 range. 78 accounts compromised across 64 organizations. The kicker: most victims had Conditional Access policies enabled. Attackers used a deprecated OAuth flow called ROPC to bypass MFA entirely.