DEV Community: Dhaval Upadhyay

Anthropic Mythos Just Found a 27-Year-Old Bug in OpenBSD — Cybersecurity Will Never Be the Same Again

Dhaval Upadhyay — Mon, 18 May 2026 11:39:49 +0000

For years, developers treated AI like a smarter autocomplete tool.

Write functions.
Generate APIs.
Fix syntax errors.
Explain stack traces.

But something changed recently.

An AI model Mythos associated with Anthropic reportedly discovered:

a 27-year-old vulnerability in OpenBSD
and another bug hidden for 16 years inside FFmpeg

That is not a small milestone.

That is a warning sign for the entire software industry.

The OpenBSD Discovery Shocked Security Researchers

The most surprising part of this story is not just the age of the bug.

It is where the bug was found.

The vulnerability reportedly existed inside:

OpenBSD

OpenBSD is not some random abandoned operating system.

It is globally respected for:

strong security architecture
aggressive code auditing
minimal attack surface
secure-by-default philosophy

For decades, OpenBSD has been considered one of the most security-focused operating systems in existence.

Yet an AI system reportedly identified:

a hidden integer overflow issue
inside the TCP SACK implementation
capable of causing remote denial-of-service behavior
after surviving for nearly 27 years unnoticed

Think about that carefully.

Thousands of developers.
Millions of users.
Decades of audits.

And the bug still survived.

Until AI found it.

*Then Came FFmpeg
*
The second discovery was equally disturbing.

FFmpeg

FFmpeg powers a massive portion of the internet’s media infrastructure.

It is used in:

streaming platforms
browsers
editing software
mobile applications
surveillance systems
smart TVs
social media apps

A vulnerability hidden inside software this important for 16 years raises a serious question:

How many more vulnerabilities are still buried inside software we trust every day?
Why This Changes Cybersecurity Forever

This is the moment AI stopped being “just a coding assistant.”

We are now entering the era of:

AI-Powered Vulnerability Hunting

Modern AI systems can:

analyze huge codebases
understand logic flow
identify unsafe memory operations
detect hidden edge cases
reason across old legacy systems

Humans simply cannot manually audit software at this scale anymore.

AI can.

And it can do it dramatically faster.

The Good News

This technology could become one of humanity’s strongest cybersecurity defenses.

Imagine a future where AI:

audits every pull request automatically
scans every dependency continuously
discovers vulnerabilities before attackers do
protects hospitals, banks, airports, and governments in real time

This could reduce:

ransomware attacks
supply-chain compromises
critical infrastructure breaches
zero-day exploitation windows

For defenders, this is revolutionary.

The Terrifying Part

*Now comes the dangerous question.
*
What happens when attackers use the same AI?

Because they absolutely will.

If defensive AI can:

discover hidden vulnerabilities
analyze operating systems
find exploit paths

then offensive AI can do the same thing.

At scale.

Without sleep.

Without limits.

This could lead to:

automated zero-day discovery
AI-generated exploits
mass infrastructure scanning
highly targeted cyberattacks
autonomous offensive malware systems

The cybersecurity battlefield is evolving into:

AI vs AI

And that future may arrive much faster than people expect.

Why Legacy Code Is Becoming a Global Risk

Most modern infrastructure still depends on ancient software.

Many systems running today contain:

code written in the 1990s
unsafe C/C++ memory handling
abandoned libraries
undocumented dependencies
old networking implementations

For years, developers followed one dangerous assumption:

“If it has survived this long, it must be stable.”

AI just destroyed that belief.

Because now old code can be re-analyzed at a level humans never managed before.

Every forgotten function is now a potential attack surface.

Governments Are Already Preparing for This

Countries are taking AI-driven cybersecurity extremely seriously.

Organizations like:

CISA
NIST
ENISA

are increasingly focused on:

AI-assisted security
software supply-chain protection
automated vulnerability detection
critical infrastructure defense
AI governance and safety

Because future cyberwars may not be fought manually.

They may be fought between autonomous systems.

What Developers Should Start Doing Right Now

This is not something only security researchers should care about.

Every developer needs to adapt.

Developers should start:

learning secure coding practices
understanding memory safety
auditing dependencies regularly
updating legacy systems
integrating AI security tools into CI/CD
reducing unnecessary attack surfaces

Most importantly:

Stop assuming old code is safe.

Because AI will eventually inspect everything.

The Industry Is Entering a New Era

For decades, cybersecurity relied heavily on:

manual reviews
penetration testing
human intuition
traditional scanners

But software complexity has become too massive.

AI changes the equation completely.

The future may soon include:

AI security agents reviewing code 24/7
autonomous vulnerability discovery
real-time exploit prevention
self-healing infrastructure
AI-driven defensive architectures

At the same time:

attackers will weaponize these systems
exploit generation will accelerate
cyberattacks could become autonomous

This is no longer science fiction.

It is already starting.

Final Thoughts

The discovery of a 27-year-old OpenBSD vulnerability and a 16-year-old FFmpeg bug is bigger than a technical headline.

It proves something much deeper:

Software complexity has exceeded human auditing capability.

AI is becoming the only system capable of understanding modern software ecosystems at scale.

That can save the internet.

Or make cyber warfare far more dangerous than anything we have seen before.

The next generation of developers will not just write software.

They will work alongside AI systems that constantly inspect, defend, and challenge the code we depend on every single day.

And honestly?

This is probably only the beginning.

anthropic #mythos #cybersecurity

Windows Secretly Ate 83GB of My Disk Space — The Hidden .db-wal File Nobody Talks About

Dhaval Upadhyay — Mon, 18 May 2026 11:27:15 +0000

A few days ago my Windows PC had around 57GB free space.

Suddenly it dropped to:

4GB free
then 2GB free

The weird part:

I had not installed any new software
no large downloads
temp files cleanup barely recovered MBs

At first I thought:

Windows Update issue
Docker issue
browser cache
restore points

But the real culprit was something I had never seen before.

How I Found the Problem

I installed:

WinDirStat

After scanning the C: drive, I noticed:

ProgramData = 100GB+

Digging deeper revealed this monster:

C:\ProgramData\Microsoft\Windows\CapabilityAccessManager\CapabilityAccessManager.db-wal

File size: 83 GB

Yes. A single hidden Windows WAL file had silently consumed my disk.

What Is CapabilityAccessManager.db-wal?

It’s a SQLite WAL (Write-Ahead Logging) file used by Windows.

Related service:

Capability Access Manager Service (camsvc)

Windows uses it for:

microphone access logs
camera permissions
location/app capability tracking

Normally this file should only be a few MB.

In my case it became corrupted or stuck and kept growing endlessly.

Symptoms

If this happens on your PC, you may notice:

rapidly decreasing free disk space
system becoming slow
applications crashing
Windows warnings about low storage
no obvious large downloads

How I Fixed It

Step 1 — Open CMD as Administrator

Run:

net stop camsvc

Step 2 — Delete the Huge WAL File

C:\ProgramData\Microsoft\Windows\CapabilityAccessManager\CapabilityAccessManager.db-wal

Do NOT delete:

CapabilityAccessManager.db

Step 3 — Start Service Again

net start camsvc

Important Notes

This file is:

temporary log data
automatically recreated by Windows if needed

Deleting the .db-wal file does NOT damage Windows.

But avoid deleting the main .db file unless rebuilding the database intentionally.

Final Thoughts

This was one of the strangest Windows storage bugs I’ve encountered.

The scary part is:

Windows hides the folder
normal cleanup tools don’t show the issue
the file can silently grow to tens of GB

So if your disk space suddenly disappears for “no reason”, check for hidden WAL files before reinstalling Windows.

[Boost]

Dhaval Upadhyay — Fri, 07 Mar 2025 11:53:43 +0000

Install Docker using command line and pull code from github

Dhaval Upadhyay ・ Mar 5

#docker #webdev #devops #aws

Upload docker code using CI/CD pipeline of github action

Dhaval Upadhyay — Fri, 07 Mar 2025 11:19:11 +0000

1. Install Docker on your server

Click Here to get detailed description on how to upload your code on server using docker

2. Run " docker ps " command to get the image and container name

3. Store Secrets in GitHub

Go to GitHub Repo → Settings → Secrets and variables → Actions → New Repository Secret, and add:

- DOCKER_USERNAME → Your Docker Hub username
- DOCKER_PASSWORD → Your Docker Hub password/token
- SERVER_HOST → AWS Server IP
- SERVER_USER → ubuntu
- SSH_PRIVATE_KEY → Paste your AWS SSH Private Key

4. Create GitHub Actions Workflow

Create .github/workflows/deploy.yml in your repo:

name: Deploy to QA

on:
  push:
    branches:
      - master  # Runs on direct push to 'qa'

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Code
        uses: actions/checkout@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Log in to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Build and Push Docker Image
        run: |
          docker build -t dockerusername/myapp:${{ github.sha }} .
          docker push dockerusername/myapp:${{ github.sha }}

      - name: Deploy to Server
        uses: appleboy/ssh-action@v0.1.10
        with:
          host: ${{ secrets.SERVER_HOST }}
          username: ubuntu
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          port: 22
          script: |
            docker pull dockerusername/myapp:${{ github.sha }}
            docker ps -a  # Debugging step to check existing containers
            docker stop myapp || true
            docker rm -f myapp || true
            docker run -d -p 3000:3000 --restart unless-stopped --name myapp dockerusername/myapp:${{ github.sha }}
            docker image prune -f

myapp - docker image name
create account on dockerhub

this process will login to docker hub , build your image and pull that image to your server
comment if you are facing any problem or need any help

Install Docker using command line and pull code from github

Dhaval Upadhyay — Wed, 05 Mar 2025 10:15:09 +0000

Introduction

Briefly introduce the importance of CI/CD in modern application development.
Highlight the benefits of deploying Node.js Docker applications using aws command line and GitHub Actions.
Outline the steps that will be covered in the blog.

Prerequisites

aws account.
GitHub repository with your Node.js application.
Basic knowledge of Docker and GitHub Actions.

Follow Below steps to install docker first

1. update the package list

sudo apt update
sudo apt upgrade -y

2. Install prerequisite packages

sudo apt install -y apt-transport-https ca-certificates curl software-properties-common

3. Add Docker's official GPG key

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

4. Set up the Docker stable repository

echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

5. Install Docker

sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io

6. Verify Docker installation

docker --version

7. Verify Docker installation

docker --version

Install Docker Compose

1. Download and install Docker Compose

sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

2. Set executable permissions

sudo chmod +x /usr/local/bin/docker-compose

3. Verify installation

docker-compose --version

Clone Your Node.js Project from GitHub

1. Install Git

sudo apt install -y git

2. Clone the repository

git clone "git_url"
cd "repo_name"

Create Dockerfile for Node.js Application

1. Inside the project directory, create a Dockerfile

# Use Node.js base image
FROM node:16-alpine

# Set working directory
WORKDIR /app

# Copy package.json and package-lock.json
COPY package*.json ./

# Install dependencies
RUN npm install

# Copy application code
COPY . .

# Expose the application port (e.g., 3000)
EXPOSE 3000

# Start the application
CMD ["npm", "start"]

Build and Run Docker Container

1. Build the Docker image

docker-compose build (if you have docker-compose.yml)

docker run -d -p 3000:3000 --name node_structure node:20 tail -f /dev/null  
(if you do not have docker-compose.yml)

2. Run the container

docker-compose up -d

3. Verify running container

docker ps

How to Secure PHP Applications from SQL Injection Attacks

Dhaval Upadhyay — Sun, 06 Oct 2024 07:51:56 +0000

Introduction

SQL Injection (SQLi) is one of the most dangerous vulnerabilities that can affect web applications, especially those built using PHP. It occurs when an attacker manipulates a query by injecting malicious SQL code, potentially gaining access to sensitive data or even compromising the entire database. Despite being an old vulnerability, SQL injection is still prevalent due to poor coding practices. This blog will guide you through understanding SQL injection and implementing the best practices to secure your PHP applications from this threat.

What Is SQL Injection?

SQL injection happens when an application allows user input to be passed directly into an SQL query without proper validation or escaping. This enables attackers to execute arbitrary SQL code on the database.

Example of SQL Injection Vulnerability:

$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$result = mysqli_query($conn, $query);

In this example, if a malicious user enters admin' -- as the username and leaves the password blank, the query becomes:

SELECT * FROM users WHERE username = 'admin' -- ' AND password = '';

The -- comments out the rest of the SQL statement, allowing the attacker to bypass authentication and potentially gain admin access.

Types of SQL Injection Attacks

In-band SQLi: The attacker uses the same communication channel (e.g., HTTP) to launch and receive the results of the attack.
Blind SQLi: The attacker cannot see the result of the attack directly, but can infer information based on the web application's behavior.
Out-of-band SQLi: This type relies on a separate communication channel to receive the attack results.

How to Prevent SQL Injection in PHP

To prevent SQL injection, you must ensure that user inputs are never directly embedded into SQL queries. Below are several methods to mitigate SQL injection vulnerabilities.

Key Takeaways

Use prepared statements (parameterized queries) to prevent SQL injection.
Validate and escape all user inputs, especially in scenarios where prepared statements aren't feasible.
Limit database user privileges to minimize potential damage.
Keep your application and database software up-to-date with security patches.

1. Use Prepared Statements (Parameterized Queries)

Prepared statements ensure that SQL code and user input are strictly separated. This method is the most effective and recommended practice for preventing SQL injection.

// Secure code using prepared statements
$stmt = $conn->prepare("SELECT * FROM users WHERE username = ? AND password = ?");
$stmt->bind_param("ss", $username, $password);  // "ss" represents the data types (string, string)
$stmt->execute();
$result = $stmt->get_result();

In this case, ? placeholders are used for user inputs, and the bind_param() function ensures the user inputs are treated as data rather than executable code.

Example with PDO:

// Secure code using PDO
$stmt = $conn->prepare("SELECT * FROM users WHERE username = :username AND password = :password");
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
$result = $stmt->fetchAll();

2. Use Proper Data Validation and Escaping

Input validation ensures that user inputs conform to the expected format. For instance, if the input should be an integer, make sure it's validated as such.

// Input validation example
if (!filter_var($user_id, FILTER_VALIDATE_INT)) {
    die('Invalid user ID');
}

In cases where prepared statements cannot be used, escaping input with functions like mysqli_real_escape_string() or htmlspecialchars() helps mitigate risks by neutralizing harmful characters.

// Escaping example
$username = mysqli_real_escape_string($conn, $_POST['username']);

3. Limit User Privileges in the Database

Minimize the privileges of the database user account used by the PHP application. For example, an application account should not have DROP or DELETE privileges if they are not needed. This limits the damage an attacker can cause even if they manage to exploit an SQL injection vulnerability.

4. Avoid Displaying SQL Errors to Users

Do not expose database error messages to users, as they may provide useful information to attackers. Instead, log errors securely and show generic error messages to users.

// Example of handling errors
if (!$result) {
    error_log("Database query failed: " . mysqli_error($conn));
    echo "An error occurred. Please try again later.";
}

5. Use Web Application Firewalls (WAF)

A Web Application Firewall (WAF) can provide an additional layer of security by filtering out malicious SQL queries before they reach your application. While WAFs are not a substitute for proper coding practices, they can be a valuable tool in detecting and blocking SQL injection attempts.

6. Keep Software Updated

Regularly update your PHP version and database systems to patch known vulnerabilities. Outdated versions of PHP or database systems can have security flaws that may be exploited.

Conclusion

SQL injection remains a prevalent threat to PHP applications, but it can be easily avoided by following the best practices outlined above. Prepared statements are the most effective defense against SQL injection, but data validation, escaping, and secure error handling also play vital roles in protecting your application. By adopting these strategies, you can safeguard your web applications and maintain a secure development environment.

Upload Node.Js Code to azure using CI/CD pipeline using github actions

Dhaval Upadhyay — Sat, 24 Aug 2024 18:26:58 +0000

Introduction

In today’s agile development environment, continuous integration and continuous deployment (CI/CD) pipelines are essential for streamlining the software delivery process. In this blog, I’ll guide you through setting up a CI/CD pipeline using GitHub Actions to deploy your Node.js application to Azure.

Prerequisites

Before we start, ensure you have the following:

Azure Account: If you don’t have one, sign up for a free Azure account.
Azure Web App: Create a Web App in the Azure portal to host your Node.js application.
GitHub Repository: Store your Node.js application code in a GitHub repository.
Node.js Application: A basic Node.js application to deploy.

Step 1: Create an Azure Web App

Login to Azure Portal: Go to the Azure Portal.

Here’s a draft blog post on deploying Node.js code to Azure using a CI/CD pipeline with GitHub Actions. Feel free to modify it to match your style and preferences.

Title: Node.js Deployment Using Azure CI/CD Pipeline

Introduction
In today’s agile development environment, continuous integration and continuous deployment (CI/CD) pipelines are essential for streamlining the software delivery process. In this blog, I’ll guide you through setting up a CI/CD pipeline using GitHub Actions to deploy your Node.js application to Azure.

Prerequisites
Before we start, ensure you have the following:

Azure Account: If you don’t have one, sign up for a free Azure account.
Azure Web App: Create a Web App in the Azure portal to host your Node.js application.
GitHub Repository: Store your Node.js application code in a GitHub repository.
Node.js Application: A basic Node.js application to deploy.

Step 1: Create an Azure Web App

Login to Azure Portal: Go to the Azure Portal.

Click on “Create a resource” and choose “Web App.”

Fill in the required details, including the resource group, app name, and runtime stack (choose Node.js).

Step 2: Set Up GitHub Actions for CI/CD

Create a .github/workflows Directory:

Go To Deployment center

Select Code Resource and select github

Now Select github accout , repo and branch you want to deploy

Now click on preview you can see .yaml file structre here

In your github directory, you can see .github/workflows directory.

Step 3: Commit and Push Changes

Once your workflow file is set up, commit and push it to the main branch of your repository.

The pipeline will trigger automatically on every push to the main branch.

GitHub Actions will build your Node.js application, run tests, and deploy it to Azure.

You can also check the deployment logs in the GitHub Actions tab of your repository.

Conclusion

In this blog, we walked through the process of setting up a CI/CD pipeline using GitHub Actions to deploy a Node.js application to Azure. This setup not only automates the deployment process but also ensures that your application is always up-to-date with the latest code changes.

By leveraging Azure’s scalability and GitHub’s seamless integration, you can easily maintain and deploy your Node.js applications, allowing you to focus more on building features and less on managing deployments.

You can check Simple deployment without pipeline here https://dev.to/dhaval_upadhyay_30f8292a8/uploading-your-first-nodejs-code-to-azure-a-step-by-step-guide-43k5

Uploading Your First Node.js Code to Azure: A Step-by-Step Guide

Dhaval Upadhyay — Sun, 11 Aug 2024 09:19:06 +0000

Hello everyone! In this post, we'll walk through the process of uploading your first Node.js code to Azure. Whether you're new to Azure or just need a refresher, this guide will help you deploy your Node.js application with ease.

Prerequisites

Before we begin, ensure you have the following:

Node.js Installed: Make sure you have Node.js installed on your machine. You can download it from Node.js official website.

Azure Account: If you haven't already, sign up for an Azure account at azure.com.

Git Installed: You'll need Git to manage your code and push it to Azure.

Step 1: Create a Simple Node.js Application

Create one simple Node.js application and upload to github

Step 2: Prepare for Deployment

Login to azure
Click on App Services and click Create
click on create button and go to web app or click as per your requirement
create new resource group
Fill all necessary details and select pricing plans as per your requirement
go next and finally click Review & Create button
After creating you will see the overview of your app
click on deployment center
Here you will get FTP Creds to upload code.

In next step we will see how we can upload using github repo actions

azure #Node.js #devops #azureintegration #server #uploadNodecode