Sma Das

The Phish from Within

An in-depth analysis of AI-powered anti-phishing startups and the most sophisticated phishing operation in corporate history - targeting venture capital portfolios instead of corporate inboxes.

Sma Das·Tuesday, January 20, 2026

certificationscybersecuritycareer

Certified in Confusion²

Certifications are expensive and promise you the moon; but only their costs can reach the moon.

Sma Das·Sunday, January 18, 2026

cybersecuritymalwareresearch

The Stealer Log Ecosystem: Processing Millions of Credentials a Day

An in-depth analysis of the evolving stealer malware ecosystem, from Telegram channels to credential marketplaces, and how organizations can protect themselves.

Sma Das·Thursday, January 15, 2026

cybersecurityreverse-engineeringmalware

Reverse Engineering Malicious Telegram Bots: A Deep Dive

A technical walkthrough of reverse engineering a credential-stealing Telegram bot, from initial discovery to complete analysis of its command and control infrastructure.

Sma Das·Saturday, January 10, 2026

cybersecurityinfrastructureprogramming

Building a Production Honeypot Network: Lessons from the Field

How we designed and deployed a distributed honeypot network that captures real-world attack data, from architecture decisions to operational insights.

Sma Das·Monday, January 5, 2026

programmingrustcybersecurity

Why Rust is Becoming the Language of Choice for Security Tools

Exploring why security researchers and tool developers are increasingly turning to Rust, with practical examples and performance comparisons.

Sma Das·Sunday, December 28, 2025

cybersecurityprogrammingweb-security

10 API Security Mistakes I See Over and Over Again

After reviewing hundreds of APIs, these are the security mistakes that keep appearing. Learn what they are and how to fix them.

Sma Das·Monday, December 15, 2025