Skip to main content
bifrost closes funding round and launches its first sovereign service, hosted in Sweden Read the announcement

Technical

33 posts in this category

All Posts Company News Events Technical Compliance Product Thought Leadership
Fragnesia Makes Three: Why It Couldn't Touch Workloads Under a Tailored AppArmor Profile Either
Technical Product June 1, 2026

Fragnesia Makes Three: Why It Couldn't Touch Workloads Under a Tailored AppArmor Profile Either

Fragnesia (CVE-2026-46300) is the third universal Linux kernel LPE in the Dirty Frag class to land in under two weeks. It abuses the XFRM ESP-in-TCP path to write into the page cache of read-only files with no race condition, and ships with a one-line public exploit. For workloads running under a behaviour-generated AppArmor profile, the surface it needs was never in the allow list. This is the same non-event, a third time. Here's why, and how to confirm your exposure in seconds.

By Hannes Ullman Read more
Shai-Hulud Rides Again: The Bitwarden CLI Compromise and the Cascade We're Now Living In
Technical April 24, 2026

Shai-Hulud Rides Again: The Bitwarden CLI Compromise and the Cascade We're Now Living In

On April 22, 2026, @bitwarden/cli@2026.4.0 was published with a credential-stealing payload — via a GitHub Action that was itself compromised in the Checkmarx breach a month earlier. The cascade is not a metaphor; it is the mechanism. Why supply chain velocity is outpacing upstream defences, and why runtime enforcement is the only surface attackers cannot bypass.

By Hannes Ullman Read more
When Trusted Security Tools Turn Against You: The TeamPCP Campaign and Why Runtime Protection Is No Longer Optional
Technical March 31, 2026

When Trusted Security Tools Turn Against You: The TeamPCP Campaign and Why Runtime Protection Is No Longer Optional

In March 2026, the threat actor TeamPCP compromised Trivy, KICS, and LiteLLM — turning trusted security tools into credential stealers across thousands of CI/CD pipelines. We break down how the attacks cascaded, why traditional defences failed, and how tailored AppArmor profiles enforce runtime protection that stops compromised components regardless of how they were infected.

By Hannes Ullman Read more
The Role of LSMs
Technical June 17, 2025

The Role of LSMs

Linux powers everything from cloud servers to smart devices. With so much depending on it, robust security is a must, and that’s where Linux Security Modules...

By Bifrost Team Read more
Talos 1.8 is here! 🚀
Technical September 27, 2024

Talos 1.8 is here! 🚀

Today we celebrate the newest release of Talos Linux! Talos Linux is Linux reimagined for the kubernetes world. It is designed from the ground up with a...

By Bifrost Team Read more