Tuesday, March 31, 2026
Supply chain attacks hit 100 million users while hardware goes software-defined
March 31 · 6 videos
Axios hit by a precision RAT.
100 million weekly downloads compromised.
Impulse built a 10,000 watt stove.
It runs on a 3kWh battery.
Hormozi sees $1M revenue per employee.
Vanta hits 15,000 customers.
The agent-centric infrastructure shift is here.
“AI will never be worse than it is right now.”
Millions of JS devs just got penetrated by a RAT…
Fireship · Fireship · 4 min
A massive supply chain attack targeted the Axios library using a rogue dependency. It highlights the extreme vulnerability of the npm ecosystem to post-install scripts.
- The attack used a precision-guided Remote Access Trojan delivered via plain-crypto-js.
- Axios source code remained clean while the rogue dependency handled the payload.
- Malware targeted Windows, Mac, and Linux with tailored payloads.
- Attackers likely accessed AWS credentials and OpenAI API keys from compromised machines.
- The RAT self-destructs its installation traces to evade npm audit tools.
- Axios serves over 100 million weekly downloads on npm.
The Stove Guy: Sam D'Amico Shows New AI Cooking Features on America's Most Powerful Stove at Impulse
Sam D'Amico · Latent Space · 37 min
Sam D'Amico explains how Impulse is reinventing home appliances with integrated batteries and software-defined power. This approach decouples the user experience from grid limitations.
- The Impulse stove uses a 3 kWh lithium iron phosphate battery to output 10,000 watts per burner.
- Integrated batteries allow the stove to boil a liter of water in 40 seconds.
- The company licenses Impulse Core to major OEMs to remain logistics-lightweight.
- Hardware is becoming software-defined, allowing for significant performance upgrades via OTA updates.
- The system uses Claude LLMs for real-time recipe adaptation and burner orchestration.
- Vertical integration allows ownership of the stack from the physical knob to the induction coil.
How to Win With AI in 2026
Alex Hormozi · Alex Hormozi · 24 min
Alex Hormozi outlines the transition to AI-first business models where labor costs approach zero. He argues that workflow-based thinking must replace traditional role-based organization.
- AI-first portfolio companies are achieving over 1 million dollars in revenue per employee.
- The Bring Your Own Agent model will define the most valuable future employees.
- Hormozi advocates for a barbell strategy: AI-native operations versus immutable human needs.
- Anthropic manages its marketing department with only one person.
- The 20-hour rule applies to mastering AI tools before they become the industry standard.
- Startups have a competitive advantage by building without legacy organizational charts.
This Startup Catches Fraud at Scale
Karine Mellata · Y Combinator · 31 min
Variance emerged from stealth with a 21 million dollar Series A to automate fraud detection using AI agents. The team of 12 uses AI to achieve the output of a much larger engineering org.
- Variance builds reasoning agents to detect complex fraud rings for Fortune 500 companies.
- The company operates with only five software engineers who manage their own AI coding agents.
- The founders maintained operations during a major medical crisis by building resilient systems.
- Stealth was used as a strategic advantage to avoid alerting fraud adversaries.
- Enterprise customers buy when a problem is on fire and unsolvable by traditional rules.
- The platform automates high-stakes tasks like content review and identity verification.
Why Netflix, Uber, and Spotify Never Lag: The Database Nobody Talks About | Aaron Katz, ClickHouse
Aaron Katz · Weights & Biases · 43 min
ClickHouse CEO Aaron Katz discusses the shift toward agent-centric infrastructure and low-latency data stacks. He details the company's journey from a Yandex project to a 15 billion dollar entity.
- AI adoption is moving 100 times faster than the original transition to SaaS.
- ClickHouse raised a 50 million dollar seed round in 2021 without a pitch deck.
- The company executed a 100 million dollar wire transfer 30 minutes before the SVB collapse.
- Infrastructure is being redesigned for AI agents rather than human users.
- The DataDog-style frictionless developer experience is prioritized over top-down enterprise sales.
- ClickHouse is launching a managed Postgres service to unify transactional and analytical workloads.
Compliance at scale and why TAM is a distraction with Christina Cacioppo of Vanta
Christina Cacioppo · Stripe · 57 min
Vanta founder Christina Cacioppo explains why compliance is the essential buying moment for startup security. She argues that market sizing is a lagging indicator of future friction reduction.
- Vanta has grown to 15,000 customers by automating the SOC 2 compliance process.
- Security is often a vitamin for startups, but compliance is a painkiller needed to close deals.
- GitHub now automates 92 percent of its security questionnaires using Vanta.
- The company maintains a 60 percent annual growth rate by focusing on agentic trust.
- Founders should be truth-seekers who avoid the delusion of bending market realities.
- AI agents are now handling the hourly labor of evidence collection for audits.
References
People: Sam D'Amico (@sdamico) · Karine Mellata · Aaron Katz · Christina Cacioppo · Alex Hormozi · Jerome Powell · Jeff Bezos · Brian Johnson · Jared Friedman · Steve Wozniak · Alexey Milovidov · Mark Benioff · Yuri Izrailevsky · Peter Fenton · Fred Wilson · Brad Burnham · Pete Wasserman · Rob Kalin · Des Traynor
Tools: Axios · plain-crypto-js · Impulse Core · Claude · ClickHouse · Vanta · Postgres · npm · AWS · OpenAI · GitHub