Activity
See this week's changes
Inscribed:
Scroll trīgintā sextus
Welcome to volume thirty-six of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week the open web is in its endgame, and threat actors have an absolute field day. So stop everything else you’re doing and get scrollin’!
published April 8, 2026 Changed:updated April 10, 2026 12:18 am EST
Weekly Changes 4/6/26-4/12/26
April 10, 2026
- 6 new infosec blogs this week
April 9, 2026
- Added Charcuterie to bookmarks page
April 8, 2026
Journaled:
Captain's Log, Entry: March 30, 2026
Spring has sprung, and with it a new garden 🌱 — the Vulnerability Garden 🪴! That’s been a big focus of mine the last week or so (and is still under development for my v1.0 release). I was in San Francisco earlier this month ✈️. Nothing else particularly noteworthy to...
published March 30, 2026 Changed:updated March 30, 2026 9:47 pm EST
Weekly Changes 3/30/26-4/05/26
March 30, 2026
- 3 new infosec blogs this week
- Journaled Captain’s Log, Entry: March 30, 2026
Inscribed:
Scroll trīgintā quīnque
Welcome to volume thirty-five of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week, if you haven’t already, you should make a fuc**ng website. Y’know what? That’s it. Just go do that.
published March 27, 2026 Inscribed:
Scroll trīgintā quattuor
Welcome to volume thirty-four of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we explore the everything web, chill in the Fediverse, and let the madness (AI) consume us.
published March 24, 2026 Changed:updated March 29, 2026 12:56 pm EST
Weekly Changes 3/23/26-3/29/26
March 29, 2026
- Added Threat Landscape | cstromblad to infosec tools list
March 28, 2026
- 6 new infosec blogs this week
March 27, 2026
- Inscribed Scroll trīgintā quīnque
March 24, 2026
- Inscribed Scroll trīgintā quattuor
Changed:updated March 20, 2026 9:19 am EST
Weekly Changes 3/16/26-3/22/26
March 19, 2026
- 4 new infosec blogs this week
March 18, 2026
March 16, 2026
- Added RestInCode to infosec tools
- Added LnkMeMaybe to named vulns list
Posted:
Beep, Boop, Sad 🤖 😞
"AI" is making me, and a lot of other people sad. This collection of links will give you an idea why...
published March 13, 2026 Inscribed:
Scroll trīgintā trēs
Welcome to volume thirty-three of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we’re laying the foundation for our home(s) on the Internet, we archaeologize the social web, and congratulations are in order for the CVE program—exciting!
published March 13, 2026 Noted:
Useful Pokémon
Inspired by this post on Threads, I thought about which Pokémon would be the most useful to me in real life. Here’s what I came up with (in index order)…
published March 12, 2026 Linked:
The Colonization of Confidence via Sightless Scribbles
Wow. A powerful essay on humanity, and what we can’t replace with an LLM, no matter how many tokens we throw at it.
shared March 9, 2026 Posted:
Conflagration
My story of burnout, and some resources/analysis for spotting, mitigating and treating burnout.
published March 9, 2026 Changed:updated March 15, 2026 10:27 pm EST
Weekly Changes 3/9/26-3/15/26
March 15, 2026
- 5 new infosec blogs this week
March 13, 2026
- Inscribed Scroll trīgintā trēs
- Posted Beep, Boop, Sad 🤖 😞
- Added RegPwn to named vulns list
March 12, 2026
- Added atomdrift lab & LOLDrivers to infosec tools list
- Added Zombie Workflows, CrackArmor & Pwn Requests to named vulns list
- Published my human.json file
- Noted Useful Pokémon
March 11, 2026
- Added AI Incident Database to infosec tools list
- Added PageJack to named vulns list
March 10, 2026
- Added PleaseFix, Zombie Zip & LeakyLooker to named vulns list
March 9, 2026
- Added ContextCrush & InstallFix to named vulns list
- Posted Conflagration ❤️🔥
- Linked to The Colonization of Confidence
Noted:
Museum memories
This month’s IndieWeb Carnival, hosted by James (of James’ Coffee Blog), is “Museum memories”. I wouldn’t say I’m a big museum go’er or anything, but I’ve been to my fair share. As such, nothing immediately sprang to mind as I thought about how to respond to this particular prompt. Ultimately...
published March 6, 2026 Inscribed:
Scroll trīgintā duo
Welcome to volume thirty-two of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we take a look at what it means to be part of the IndieWeb community, we advocate for the Fediverse, and we take a look at things more and...
published March 6, 2026 Posted:
Using MAESTRO to Secure Agentic AI
Taking a look at MAESTRO and commenting on it's novelty and use as a threat modeling framework.
published March 5, 2026 Changed:updated March 8, 2026 12:48 am EST
Weekly Changes 3/2/26-3/8/26
March 7, 2026
- 11 new infosec blogs this week
- Added Zero Day Clock to infosec tools list
- Added WrongSecrets to infosec training list
March 6, 2026
- Inscribed Scroll trīgintā duo
- Noted Museum memories (an IndieWeb Carnival submission)
March 5, 2026
- 2 new infosec blogs this week
- Posted Using MAESTRO to Secure Agentic AI
- Added ISP Spy Check to infosec tools list
March 3, 2026
- Added MAESTRO to threat modeling post
March 2, 2026
- Added ClawJacked to named vulns list
Inscribed:
Scroll trīgintā ūnus
Welcome to volume thirty-one of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we discuss curation on the web, how community bridges protocols and we grab some popcorn for the latest encryption drama!
published February 27, 2026 Journaled:
Captain's Log, Entry: February 26, 2026
It’s been a busy month on the blog! So what’s goin’ on… I’ve added a bunch of new pages to the site, and have been publishing a variety of notes and posts. I’ve mused on how to get myself academically/professionally motivated once more and also appended a new thoughtstream section...
published February 26, 2026 Noted:
'Self-host it' is an answer. Let me explain...
My response-to / thoughts-on Neil’s write up, ‘Self-host it’ is not the answer.👹 Strapping on my devils advocate horns hat…Neil is right, self-hosting isn’t a panacea for the ills of big tech, and barriers absolutely exist, some insurmountable for many, but I think spreading the self-hosting gospel, i.e. educating the...
published February 24, 2026 Changed:updated March 1, 2026 10:39 pm EST
Weekly Changes 2/23/26-3/1/26
March 1, 2026
- 5 new infosec blogs this week
- Added LOLGlobs to infosec tools list
February 27, 2026
- Inscribed Scroll trīgintā ūnus
February 26, 2026
- Journaled Captain’s Log, Entry: February 26, 2026.
- Added AirSnitch to named vulns list
February 24, 2026
- Noted ‘Self-host it’ is an answer. Let me explain…
- Visited links are now colored via CSS in individual Scrolls
- Lots of styling changes…
February 23, 2026
- Added ForcedLeak to named vulns list
- Published /ai page
- Published /self-hosted page
Linked:
Why I email complete strangers via Good Internet
It’s simple. Just send a message to the folks who you appreciate. They’ll really enjoy it. It’ll likely make their day! It takes virtually no time at all really, and you’ll feel good about it. It’s wins all around.
shared February 20, 2026 Noted:
Setting off on a self-hosting journey
I want to self-host a bunch of things. Why? Let’s see here… techno-fascism, privacy disasters, tech companies randomly sunsetting things, enshittification spirals, etc… I’m tired of it. I want to run some stuff myself, own the data, and be happy with my tech.
published February 20, 2026 Inscribed:
Scroll trīgintā
Welcome to volume thirty of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we make the web beautiful, beat the drum of decentralization, and find a whole slew of cybergems.
published February 20, 2026 Noted:
citations.css
I previously introduced the idea of using CSS as a means to selectively style references to other sites/authors/creators. There I also suggested using indieweb.txt as a place to share one’s own reference info, including this css styling. Since I somewhat routinely credit or otherwise shout-out other IndieWeb personalities throughout this...
published February 17, 2026 Changed:updated February 23, 2026 10:46 am EST
Weekly Changes 2/16/26-2/22/26
February 22, 2026
- 9 new infosec blogs this week
- Added Samplepedia & pwn.legal to infosec tools list
- Published /blank slash page
- Published /nope slash page
- Published /top4 slash page
February 20, 2026
- Added Cyber, InfoSec Events & Cybersecurity Conferences to infosec tools list
- Inscribed Scroll trīgintā
- Noted Setting off on a self-hosting journey
- Linked Why I email complete strangers
- Joining ØɄ₮₴łĐɆ webring
- Published Verify page
February 19, 2026
- Posted Garden Plan 2026
February 17, 2026
- Published the Hello page 👋
- Noted citations.css
- Added slash page signifier at the bottom-right of each slash page
February 16, 2026
- Added CVE.ICU & PatchThisApp to infosec tools list
Noted:
Things you'll NEVER hear me say
A list of things you’ll absolutely NEVER hear me say…
published February 13, 2026 Inscribed:
Scroll ūndētrīgintā
Welcome to volume twenty-nine of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we’re keeping it real on the web, navigating our social crises, and goin’ through the cyberlist.
published February 13, 2026 Linked:
Fun With The Web via Patrick Brosset
I’ve always thought the best way to learn something was to have an idea on how you actually would want to use something. Even better, find something that you find genuinely fun. Learning takes time, and time flies when you’re having fun!
shared February 13, 2026 Linked:
Write about the future you want via Dave Rupert
I like this idea. It’s easy enough to point out the flaws in the world. Why not try to solution things, and bring some much-needed positivity to the world? Write about the future you want to see, not the present that has let you down.
shared February 13, 2026 Posted:
The Human Web
An introduction to the Human web, and how one can be a part of it.
published February 13, 2026 Changed:updated February 13, 2026 4:41 pm EST
Weekly Changes 2/9/26-2/15/26
February 13, 2026
- 10 new infosec blogs this week
- Posted The Human Web
- Linked Write about the future you want
- Linked Fun With The Web
- Inscribed Scroll ūndētrīgintā
- Added Open Security Architecture to infosec tools list
- Noted Things you’ll NEVER hear me say
February 11, 2026
- Added Vulnerability Spoiler Alert to infosec tools list
Posted:
Intersecting Interests
My entry in the February 2026 IndieWeb Carnival all about Intersecting Interests.
published February 7, 2026 Inscribed:
Scroll duodētrīgintā
Welcome to volume twenty-eight of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we discuss the importance of having a website and do some tubular indie-web surfin’ (with a few other fedi bits and cyber bobs thrown in for fun).
published February 6, 2026 Linked:
Lessons Learned from 20 Years & Why You Should Blog via Adam Caudill
So many great nuggets of advice here—on minimizing writing friction, owning your (domain) name, building a site rather than just a blog, ignoring analytics, writing referential content that can live beyond the week it was written, being authentic, writing with a focus on quality (over quantity), using copious links to...
shared February 4, 2026 Linked:
Make a Fucking Website via make.afucking.website
What are you waiting for!
shared February 4, 2026 Linked:
i'll read it. via chronosaur.us
I’ve always said not to worry about whether someone will read what you have to say on your blog. The world is a big place, and there’s always an audience for your writing, no matter how niche. And here ya go, someone wants to read it.
shared February 3, 2026 Posted:
100 Webmaster Questions
A webmastering-related questionnaire / blogging-challenge.
published February 3, 2026 Inscribed:
Scroll vīgintī septem
Welcome to volume twenty-seven of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we ponder a better, although imperfect web, we encourage everyone to join the Fediverse movement, and sigh… AI continues to make us sad.
published February 2, 2026 Changed:updated February 8, 2026 9:43 am EST
Weekly Changes 2/2/26-2/8/26
February 7, 2026
- 13 new infosec blogs this week
- Posted Intersecting Interests (as part of IndieWeb Carnival February 2026)
February 6, 2026
- Inscribed Scroll duodētrīgintā
- Published the new /mentions page
February 5, 2026
- Added KEV Collider to infosec tools list
February 4, 2026
- Added Metro4Shell to named vulns
- Big updates to my blogroll
- Linked Make a Fucking Website
- Linked Lessons Learned from 20 Years & Why You Should Blog
February 3, 2026
- Posted 100 Webmaster Questions
- Linked i’ll read it
- Added LOLAPI to infosec tools list
February 2, 2026
- Added GatewayToHeaven, N8Scape & Cellbreak to named vulns list
- Inscribed Scroll vīgintī septem
Journaled:
Captain's Log, Entry: January 30, 2026
Phew! It’s been a minute since I’ve published one of these journal entries. Yep, I’m still alive. Just busy, sometimes unmotivated, and have just generally been elsewhere for a few months now. But I’ve been easing myself back into some of my old grooves and that includes my blogging and...
published January 30, 2026 Inscribed:
Scroll vīgintī sextus
Welcome to volume twenty-six of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we talk about what it means to be a part of the IndieWeb, we ask ourselves “can we build a better social network?”, and we mess with Claude.
published January 29, 2026 Posted:
Link Dumps
An introduction to blog-bourne "link dumps. Plus, a list of sites that regularly publish link dumps.
published January 29, 2026 Changed:updated January 30, 2026 1:30 pm EST
Weekly Changes 1/26/26-2/1/26
January 30, 2026
- Journaled Captain’s Log, Entry: January 30, 2026
January 29, 2026
- 1 new infosec blog this week
- Posted Link Dumps
- Added PackageGate to named vulns list
- Inscribed Scroll vīgintī sextus
- Added Open Source Malware to infosec tools list
Posted:
Canonicalize Your Web Identity and Achieve Data Sovereignty with PESOS
A framework for syndicating website content - PESOS!
published January 21, 2026 Inscribed:
Scroll vīgintī quīnque
Welcome to volume twenty-five of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we do some web surfin’, pulse-check the social web, and keep right on cyberin’. So get-t’-scrollin’ right meow!
published January 21, 2026 Changed:updated January 24, 2026 4:14 pm EST
Weekly Changes 1/19/26-1/25/26
January 23, 2026
- Added Parseltongue to infosec tools list
January 22, 2026
- 9 new infosec blogs this week
- Added AIVSS to infosec tools list
January 21, 2026
- Added Holey Beep & ChainLeak to named vulns list
- Inscribed Scroll vīgintī quīnque
- Blogged Canonicalize Your Web Identity and Achieve Data Sovereignty with PESOS
January 20, 2026
- Added CrashFix, BodySnatcher & StackWarp to named vulns list
- Added Security Research Threats & ROSTI to infosec tools list
- Added WorstOfBreed to bookmarks list
Inscribed:
Scroll vīgintī quattuor
Welcome to volume twenty-four of Scrolls, a newsletter for sharing cool stuff from the IndieWeb, Fediverse & Cybersecurity realms. This week we discuss the point of blogging, what social media is (and isn’t), and drop a lot of awesome infosec tools/resources.
published January 13, 2026