Blog

Security Research

In-depth analysis of supply chain attacks, vulnerability trends, and security engineering from the Cyber Army team.

• Notes2026-05-1320 min read

  Inside Mythos: how AI finds (and exploits) vulnerabilities in source code and binaries

  A walk through how Claude Mythos Preview surfaces zero-days in Linux, BSD, and FFmpeg, how it reverse-engineers closed-source binaries to find bugs without source, and what the economics mean for the people who have to patch them.

  Read article →
• Notes2026-04-0315 min read

  Software supply chain attacks in 2025–2026: notes on what happened

  A rundown of the big software supply chain incidents from 2025 into early 2026 — Axios, Shai-Hulud, Chalk/Debug, Nx, and the TeamPCP campaign — with what we know about how each one worked and what to do about it.

  Read article →