Hi, I'm Parag.
I write deep dives into Windows security, endpoint protection, and supply-chain attacks - the kind of posts I wish I had when I was first learning these topics.
Latest writing
-
When Your Password Manager Attacks You: Inside the Bitwarden CLI Supply Chain Compromise
How the @bitwarden/cli npm package was hijacked for 93 minutes on April 22, 2026, subverting trusted publishing to steal AWS, GitHub, and SSH credentials from 334 installs.
-
The Defender's Dilemma: How Microsoft Won the Antivirus War It Can Never Finish
From scoring 0.5/6 in AV-TEST to 100% MITRE detection with zero false positives -- the 20-year transformation of Windows Defender.
-
When SYSTEM Isn't Enough: The Windows Secure Kernel and the End of Total Kernel Trust
How Windows built a hardware-isolated kernel above Ring 0 using Hyper-V, protecting credentials and code integrity even after full NT kernel compromise.
-
No Secrets to Steal: How Windows Hello Eliminated the Shared Secret
How Windows Hello replaced passwords with TPM-backed biometrics, survived a decade of attacks, and helped make passwordless the default.
-
BitLocker on Windows: Architecture, Attacks, and the Limits of Full-Disk Encryption
How BitLocker evolved from an optional enterprise feature to encryption-by-default, its cryptographic architecture, every known attack, and what FDE still cannot protect against.