Blog

Notes on Building and Shipping

Practical writeups covering implementation details, product decisions, and tools that matter in real projects.

Page 2 of 4

  1. Project Glasswing Shows Where Frontier Security Is Going

    Anthropic's Project Glasswing shows frontier models moving into defensive security work, while also making exploit generation cheaper and faster for attackers.

    cybersecurityaimodel-safetyinfrastructure

  2. OpenAI's Safety Fellowship Is a Map of Open Problems

    OpenAI's Safety Fellowship is less a branding move than a list of safety and alignment problems the company still wants outside help to solve.

    openaiai-safetyalignmentresearch

  3. TimesFM 2.5: A Practical Read for Forecasting Teams

    TimesFM 2.5 is one of the most credible open forecasting foundation models right now, especially for fast multi-series experiments with long context and quantile output.

    time-seriesforecastingtimesfmgoogle-research

  4. Axios Supply-Chain Attack: What Actually Happened

    In late March 2026, two malicious Axios versions were published to npm and weaponized install-time scripts through a fake dependency, creating a short but high-impact supply-chain window.

    securitysupply-chainnpmjavascript

  5. Codex Pricing Is Moving From Seats to Usage

    OpenAI's new Codex seat model separates general ChatGPT access from usage-based coding access, which makes pilots easier to start and easier to measure.

    ai-codingopenaicodexpricing

  6. Cisco IMC Advisories: What Operators Need to Patch First

    Cisco published two IMC advisories on April 1, 2026, including an auth bypass and several root-level command execution flaws across server and appliance families.

    securityciscovulnerability-managementincident-response

  7. Are We Moving Beyond React? The Rise of Visual State Systems

    React still leads frontend development, but signals and graph-oriented visual systems are changing how teams manage complexity and rendering cost.

    reactsignalsstate-managementui-architecture

  8. Making RAG Respect Permissions

    A practical ACL-aware RAG blueprint that captures NTFS permissions at index time and enforces authorization inside retrieval.

    ragsecurityaclactive-directory

  9. Why Quantization Is About to Make Local AI Explode

    Local AI adoption is accelerating because quantization shifts model memory and latency into ranges that regular developer hardware can actually sustain.

    local-aiquantizationollamacpu-inference

  10. The IDE Is Dying. Agent Environments Are Replacing It

    The center of software development is shifting from writing every line manually to directing agents across editor, terminal, and cloud environments.

    ai-codingcodexclaude-codecursor