Patch Tuesday Hit 206 CVEs and Broke Your Cadence
Microsoft's June 2026 Patch Tuesday fixed a record 206 CVEs and 3 zero-days. The real shift is AI-found bugs outrunning the human patch cycle.
Read more
Topic · 7 articles
Security.
7 articles on Security. Practical notes on infrastructure, security, and engineering leadership by Indra Gusti Prasetya.
AI Agent Identity Needs SPIFFE and OAuth, Not One Key
The fix for AI agent identity is two layers: SPIFFE proves what the agent is, OAuth token exchange proves what it may do right now and for whom.
Read more
Hunting Shadow AI Before It Becomes Your Breach Path
Shadow AI now factors into 1 in 5 breaches and adds $670K in cost. Why banning tools backfires, and how to actually find ungoverned GenAI in 2026.
Read more
EU AI Act High-Risk Rules Hit August 2, 2026
The EU AI Act's high-risk obligations become enforceable on August 2, 2026, a deferral isn't law yet, and ISO 42001 won't cover you. Here's the engineering work.
Read more
RSA Is on a Clock Now: The 2026 Deadlines Forcing the Post-Quantum Switch
NIST's finalized post-quantum standards plus FIPS and CNSA 2.0 deadlines put RSA and ECC on a countdown. Here's why 2026 is the year to start migrating.
Read more
Dependency Cooldowns Beat Fast Supply Chain Attacks
Dependency cooldowns delay installing brand-new package versions a few days, blocking most npm and RubyGems supply chain attacks before malware lands.
Read more
The AI Agent You Deployed Last Quarter Is Probably Your Weakest Login
88% of enterprises hit an AI agent security incident in the past year. The cause isn't exotic attacks, it's identities nobody logged out or audited.
Read moreBrowse other topics
Subscribe to the Technical Journal
Deep dives into infrastructure, security, and technical leadership. No noise, just engineering rigor. Subscribe and grab the 2026 AI-agent & infrastructure security checklist.