Hardcut
Get in touch
Findings 25 entries · since 2026

Notes on cutovers, infrastructure, and finishing migrations.

Working notes from the Hardcut practice: methodology, lessons from recent engagements, and arguments about why parallel runs cost more than cutovers.

  1. security · ai · identity

    The support bot had write access

    Meta's own AI support assistant reset Instagram passwords for whoever asked, with no credentials and no phishing needed. The failure was not the model. It was putting an LLM where an authorization check belonged.
  2. intro · method · migrations

    Fourteen years of moving production without anyone noticing

    Where I worked before Hardcut, what kept killing the migrations I watched, and the one promise the practice is built on.
  3. incident · meta · instagram · ai · identity · account-takeover

    Meta AI support bot hijacked to reset Instagram passwords

    Attackers asked Meta's AI Support Assistant to add an email to a target account, received the reset code themselves, and completed a password reset — no credentials, phishing, or malware. Accounts with MFA were unaffected.
  4. migrations · legacy · method

    Your stack is a core sample

    Open a system that has run for a decade and you are reading sediment: one layer per tech era, still load-bearing. A field guide to the whole sequence.
  5. incident · gitea · container-registry · exposure

    Gitea container registries exposing private images without auth

    CVE-2026-27771: Gitea (pre-1.26.2) and forks failed to enforce access control on private container registries. ~31,750 instances exposed application code, credentials, and certs to unauthenticated pull.
  6. security · retrospective

    2026 so far: a security incident retrospective

    Five months, one supply-chain actor reaching GitHub itself, and two of the year's worst bugs found by AI in under an hour.
  7. intro · method

    Hello, Hardcut

    Why this consultancy exists, and what 'clean cutover' means in practice.
  8. incident · teampcp · github · supply-chain

    GitHub-internal repos exfiltrated via poisoned VS Code extension

    Developer endpoint compromised by a malicious Nx Console VS Code extension (~2.2M installs). TeamPCP exfiltrated ~3,800 GitHub-internal repositories.
  9. incident · teampcp · downstream

    Grafana Labs GitHub breach via TanStack

    Detected the TanStack activity on May 11 and rotated tokens, but missed one workflow token that was assumed unaffected. Attackers used remaining access to download source.
  10. incident · microsoft

    "YellowKey" BitLocker bypass mitigated

    CVSS 6.8 understates the risk: in laptop-theft scenarios, BitLocker is often the only thing between data-at-rest and a stranger holding the device.
  11. incident · nginx

    NGINX heap overflow in ngx_http_rewrite_module

    Versions 0.6.27 through 1.30.0. CVSS 9.2. Active exploitation observed. If you run NGINX and your version is older than 1.30.1, this is the patch to ship first.
  12. incident · teampcp · supply-chain · npm

    TanStack and the Mini Shai-Hulud npm worm

    84 npm artifacts across 42 @tanstack/* packages plus @squawk/*, @mistralai/*, others, chaining GitHub Actions Pwn Request, cache poisoning, OIDC token theft.
  13. incident · linux · kernel · ai-discovery

    "Copy Fail": deterministic Linux kernel LPE on all major distros

    Logic flaw in algif_aead lets an unprivileged user do controlled 4-byte writes into the page cache, corrupt privileged binaries, escalate to root. 732-byte PoC.
  14. incident · phishing · third-party

    Adobe support tickets exfiltrated via BPO

    Phishing on a BPO support employee → RAT → escalation to manager → full access to ticketing. The platform let any agent export every ticket in one bulk request.
  15. incident · teampcp · supply-chain · npm

    Bitwarden CLI npm package compromised for 90 minutes

    @bitwarden/cli@2026.4.0 sat on npm just long enough to harvest AWS/Azure/GCP/GitHub/npm tokens, SSH material, and shell history, then self-propagate.
  16. incident · github · ai-discovery

    `git push` command injection on GitHub.com and Enterprise

    Wiz Research found push-option values weren't sanitized before being written into the internal X-Stat header. Any authenticated user with push access could execute commands as the git user.
  17. incident · teampcp · downstream

    Cisco dev-environment breach via Trivy creds

    Attackers used credentials stolen in the Trivy compromise to access Cisco's internal build systems. Allegedly: multiple AWS keys, 300+ GitHub repos cloned.
  18. incident · teampcp · supply-chain · pypi

    LiteLLM and Telnyx Python SDKs poisoned on PyPI

    Same playbook: inject infostealer payloads that execute during routine CI automation. LiteLLM claims ~95M monthly downloads.
  19. incident · teampcp · supply-chain · ci-cd

    Checkmarx KICS Action compromised via stolen Trivy tokens

    GitHub PATs harvested from the Trivy intrusion used to force-push malicious tags on checkmarx/kics-github-action. Different domains than the Trivy wave, so tag-pinning missed it.
  20. incident · teampcp · supply-chain · ci-cd

    Trivy supply-chain compromise: the year's pivot point

    TeamPCP takes over the aqua-bot service account, force-pushes malicious commits to 76 of 77 trivy-action tags plus the scanner binary and Docker Hub images.
  21. incident · ransomware · healthcare

    UMMC ransomware downs Mississippi statewide health network

    EPIC EMR offline, clinics closed, statewide hospital transfer coordination knocked out. Chemo patients turned away because records were inaccessible.
  22. incident · supply-chain

    Notepad++ update channel hijacked for six months

    WinGUp updater used by Notepad++ < 8.8.9 failed to verify download signatures. Lotus Blossom replaced legit installers with Cobalt Strike + Chrysalis.
  23. incident · microsoft · zero-day

    Six actively exploited Microsoft bugs in one Patch Tuesday

    SmartScreen bypass, IE/LNK code-exec, OLE mitigation bypass in Office, DWM LPE, and a Remote Desktop Services escalation to SYSTEM.
  24. incident · teampcp

    TeamPCP surfaces as a named threat actor

    First seen targeting misconfigured Docker APIs and Kubernetes clusters. By May the same crew would be linked to Trivy, Checkmarx, Bitwarden CLI, TanStack, and GitHub itself.
  25. incident · microsoft · zero-day

    Windows DWM zero-day exploited in the wild

    Information disclosure in Desktop Window Manager, CVSS 5.5, and actively exploited. Textbook case for why CVSS alone shouldn't drive patch priority.

Subscribe via RSS →