Resources

Field notes, research, and the occasional opinion.

Articles from engagements we ran, research papers we co-authored, and short updates we'd otherwise have only posted on LinkedIn. No newsletter wall, no gated PDFs.

Articles: 2
Research papers: 0
Case studies: 0
Updates: 0

Articles

Latest from our consultants.

June 1, 2026
CBSE - How a 19-Year-Old Uncovered Critical Security Weaknesses in a National Examination Portal
A publicly reported vulnerability chain affecting a national examination marking platform highlighted the dangers of client-side security controls, broken access control, and inadequate authorization enforcement.
Read article
May 29, 2026
The Browser Extension Attack Chain
Modern browser extensions have evolved into one of the most overlooked enterprise attack surfaces. This research explores how malicious and compromised extensions enable credential theft, session hijacking, MFA bypass, and large-scale supply chain attacks.
Read article

See our work

Anonymised case studies from real engagements.

The articles above tell you how we think. The case studies show what we have delivered — regulator deadlines met, ransomware closed, audits passed. Specific outcomes, real metrics, no names.

Browse case studies

Field notes, research, and the occasional opinion.

Latest from our consultants.

CBSE - How a 19-Year-Old Uncovered Critical Security Weaknesses in a National Examination Portal

The Browser Extension Attack Chain

Anonymised case studies from real engagements.