My thoughts
A close re-reading of Andrej Karpathy's "[1hr Talk] Intro to Large Language Models" — what the foundational ideas were, what aged spectacularly well, and why this 2023 talk is still the first thing I'd hand someone in 2026.
Two techniques worth remembering from TryHackMe's Opacity — bypassing PHP upload filters with a fragment character, and cracking .kdbx files with keepass2john + john.
How an exposed /actuator/sessions endpoint on the HTB CozyHosting box turns into a full authentication bypass — and a refresher on the sudo ssh GTFObin.