Services: The New Software, Two Paths Left for Software Companies, AI Agent Offensive Capabilities, M-Trends 2026, TeamPCP Wrecks the Supply Chain & the Evolution of AppSec Engineers
The LiteLLM backdoor through a pip install is the supply chain story I keep pointing to when PMs ask why their AI dependency review process needs to change. It is not the model vendors you are watching - it is the utility layer everyone installs without thinking.
The Sequoia framing on selling work rather than software is also the right lens. Security tooling is one of the first categories where that model actually holds because the outcome (not getting breached) is measurable and the liability is real.
The 22-second handoff number from M-Trends deserves its own post.