GitHub Actions Turned CI Into the Package Manager Nobody Audits Apr 30, 2026 field note #security#github-actions#supply-chain
The Vercel breach and the vibe coding monoculture Apr 21, 2026 field note #security#supply-chain#oauth
The Vercel Breach Wasn't a Zero-Day. It Was an AI Supply Chain Attack. Apr 20, 2026 field note #security#supply-chain#oauth