Posts

The future of payments is happening right now, and it’s moving on-chain. As we watch digital commerce transform right now before our eyes, stablecoins are quietly becoming the backbone of an entirely new financial infrastructure—one that’s faster, more affordable, and infinitely more programmable than what we’ve known before. Enter the Commerce Onchain Payment Protocol At the heart of this revolution sits the Commerce Onchain Payment Protocol, a blockchain-native framework that’s doing something remarkable: it’s bringing all the reliability and trust we expect from traditional payment systems into the world of digital assets. Think of it as building a bridge between the old world of finance and the new possibilities that blockchain technology offers. ...

You know that feeling when you pick up your phone to check the time, and suddenly it’s two hours later? You’ve been mindlessly scrolling through Instagram reels, TikTok videos, and endless memes. Your eyes feel strained, your thumb is practically on autopilot, and you can’t even remember half of what you just watched. Welcome to zombie scrolling—the mindless, compulsive consumption of social media content that leaves you feeling mentally drained and oddly empty. It’s that autopilot mode where your brain shuts off and your thumb keeps moving, endlessly swiping through an infinite feed of short videos, photos, and posts. You’re physically present but mentally checked out, like a social media zombie. ...

In the world of digital payments, four-digit Merchant Category Codes (MCCs) silently orchestrate billions of transactions daily. These seemingly simple classification numbers wield enormous influence over business operations, processing fees, and transaction approval. What Are Merchant Category Codes? MCCs are standardized codes assigned by card networks like Visa, Mastercard, and American Express. They instantly communicate what type of business is processing a payment – from airlines (MCC 3005) to veterinary services (MCC 0742). ...

In a world where having an Instagram account seems as essential as having a phone number, I’ve made a choice to stay off that wonderful platform. While friends and family regularly ask me to join, I’ve found that my reasons for avoiding Instagram have only grown stronger over time. Instagram No Longer Serves My Life When I evaluate any tool or platform, I ask myself a simple question: “Does this add genuine value to my life?” For Instagram, the answer is a resounding no. The platform doesn’t align with how I want to spend my time or energy. I prefer meaningful conversations, real-world experiences, and activities that contribute to my personal growth rather than curating a digital persona. ...

A common complaint that you often hear in Infosec is how hard it can be to report vulnerabilities sometimes. This story tells of my journey using OSINT tools to find the right person to responsibly report a bug to. Of course, I enjoyed the journey more than the destination. The Discovery Even today, you can still find lots of misconfigured S3 buckets full of juicy data. I recently found one which contained a lot of personal documents belonging to the employees of a electric vehicle startup, lets refer to them with a made up name to save them some face. Lets call them EVzap. ...

This post is mainly for users who use MFA authenticator apps on their smartphones. Earlier the process was to click either “Yes (Approve)” or “No (Deny)” and that would allow to login. Why is now one more step required to enter a value shown on the login page? Background We have been using passwords since years to secure our digital accounts. Since people need to have passwords for several different services and it becomes tough to remember them, they started to either (a) reuse the same password, (b) use an easy password, (c) write down the different passwords. ...

Managing vulnerabilities in assets is a priority for any organization to ensure that they are secure. The Vulnerability Management program oversees the aspects of identification of bugs, analysis, tracking, and patching. The traditional Vulnerability Management approach has always been an old ‘scan and patch’ method, in which an automated tool runs the scan, and the support team works on patching those findings. However, this method needs a cycle of improvement with the vulnerabilities and their types, as well as the risks associated with them, having changed drastically. ...

In this world of interconnected devices, smart cameras are everywhere — ubiquitous in modern times. Over the past decade, the camera industry has seen major innovation, with Gartner projecting around 15 million connected cameras by 2023. With camera evolution, attackers have become more skilled. Recently, a security startup had nearly 150,000 cameras breached; cloud‑connected cameras of over 200 individuals were hacked, exposing four years of footage. Hackers once infiltrated casino cameras and used that access to win millions. It’s critical to secure every component — security is only as strong as the weakest link. ...

I use a burner (temporary) email for filling it at random websites for my testing. Still, I have taken care not to use this email address at unreliable websites. Somehow, someone got hold of this email address. Now, how can that person check that my address is still valid and active? They need to check this for sending me spam/phishing emails and get a better ROI. Here’s the technique they used, and I was impressed. Generally I don’t entertain my Spam folder and hence haven’t seen many of such mails. The mail says — ...

Amazon Web Services (AWS) is a great resource to try and learn cloud concepts and later setup your own infrastructure on cloud. Since very long, AWS is providing 1 year of free usage for a set of cloud services. If you own one laptop and want to have another machine for testing, you either need to install Virtualization software (Virtual Box, VMWare, etc) or you can use the free tier of AWS. Amazon EC2 (Elastic Compute Cloud) can be used to setup your own instances on the cloud to do this. While having a penetration testing machine on AWS, you need to take care of some points: ...