Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
LinkedIn

How VCs Add Value: the GP Value Creation Toolbox — and the Three Partners Who Use It Differently

In our work with emerging VC fund managers globally, most say they add value. Yet, few can tell you exactly how. That gap — between the claim and the clarity — is what Scott Newton and I set out to ...
Thurrott

Anthropic Engineer Debates Use of Markdown vs. HTML in AI Agent Output

Markdown has emerged as the lingua franca of AI, especially with the proliferation of AI agents. But an Anthropic engineer argues that HTML is a better choice for output. And despite my love of ...