Supply Chain

OpenAI says no user data or model IP was compromised in the TanStack attack. Good. The more useful takeaway is that frontier AI labs are now exposed to the same boring dependency failures as everybody else.

The Vercel/Context.ai breach didn't start with a phishing email or a zero-day. It started with a Vercel employee downloading a cracked game. What followed is a masterclass in modern supply chain attacks.