From npm Hacks to AI Risk: Why Trust Infrastructure Is Breaking
What a week for security breaches... Claude Code source code leaked via a misconfigured npm package, exposing 500,000 lines of code and an entire unreleased feature roadmap. Mercor got hit through a compromised LiteLLM dependency, with Lapsus$ claiming 4TB of stolen data including source code, databases, and contractor video interviews. And the axios npm package, one of the most widely used libraries in JavaScript with 100 million weekly downloads, was hijacked by state actors who injected a cross-platform remote access trojan. All within about 48 hours. The common thread? Trust in the software supply chain (and soon to be agent supply chain…) is incredibly fragile. A single misconfigured file, a single compromised maintainer account, a single poisoned open-source dependency...and the whol
From GPU Hours to Token Dollars: The New AI Economy ($NVDA)
One thing I’m starting to believe - the companies who figure out pricing and packaging the fastest will have a big edge in the early days of this AI phase shift. I think it’s one of the hardest problems right now for any AI company! What makes pricing so difficult is that an entirely new (and expensive) line item has entered COGS - inference. Whether you’re paying OpenAI / Anthropic directly, or paying someone else to run open source models, inference costs are exploding (and we’re just getting started…). A big question becomes - how can you price your product such that you don’t torpedo your business into perpetual negative gross margin land (or said more positively, how can you price your product to more tightly align with value delivered). A couple weeks ago I wrote a post titled “Get in th
Every week I meet with founders building in the agent space. And lately, I keep hearing the same concept come up over and over - digital twins (or some version of this). When a concept starts showing up as frequently as this one, my ears generally perk up. Digital twins are the thing perking up my ears! And I think they’re about to become one of the most important concepts in AI. I think they could become a layer that helps scale AI to the masses (and consumption of AI). So what actually is a digital twin? The term originally comes from manufacturing. You’d build a digital replica of a physical asset (a jet engine, a factory floor) to simulate and monitor it. With AI it’s the same core concept, but with a totally new application. In the AI era, a digital twin is just representing knowledg
AI Labs Profit Thesis: OpenAI & Anthropic Set Path to Sustainable Margins and High Retention
There seems to be endless debate around AI companies, and whether they have “upside down P&Ls” that will forever lose money, or if they will turn into cash cows in the future. Whether this sentiment is pointed at the large labs like OpenAI and Anthropic, or upstarts like Cursor, I hear it all the time! And I can’t tell if the bears just want to confirm their priors on AI negativity, if the bulls just have blind naive optimism, or if anyone really has a pov grounded in real analysis. As an early stage VC I certainly fall into the “perpetually optimistic” camp, so you can apply the appropriate filter to this post :) But for this post I wanted to focus on the profitability debate centered around the large labs, and why I think they’ll turn into wildly profitable businesses. There’s three ma
As always, these posts are more of a brain dump of “what I’m thinking” about… And lately I’ve been thinking about a pattern that keeps showing up when I study the biggest infrastructure winners of the cloud era, and what it means for AI companies today. Here’s the general idea: the biggest infrastructure winners of the cloud era monetized the core consumption primitive of the platform. In the cloud era, that primitive was compute, storage, and network I/O. In the AI era, it increasingly looks like tokens. Let’s unpack. When cloud computing first started taking off, the core primitive of the platform was very clear: compute. Everything that happened in the cloud ultimately boiled down to compute cycles running somewhere inside a data center. Storage, networking, and databases all mattered of
By now I’m sure everyone has seen Jack Dorsey’s tweet. For those who haven’t seen it (or don’t care to read it), he announced a ~40% headcount reduction at Block, Inc. (XYZ) (formerly Square). This is a massive move… You rarely see headcount reductions this large. Throughout the post he used the word “intelligence” - which really can be replaced with “AI.” “we're already seeing that the intelligence tools we’re creating and using, paired with smaller and flatter teams, are enabling a new way of working which fundamentally changes what it means to build and run a company. and that's accelerating rapidly” and later: “we're going to build this company with intelligence at the core of everything we do.” I’ve broadly seen two different reactions to thi
Is Software Entering a New AI Driven Commoditization Cycle?
Another week and software continues to grind lower. However, despite all of the carnage, there was another big winner this week! Fastly is up ~100% over the last week. The week prior, 8x8 had the big week (they were up ~70% in a week). Always an opportunity somewhere… I thought I was done talking about “is software dead” after the last couple weeks Clouded Judgement posts, but I just had more thoughts I wanted to share… I think two things are true. I think people are simultaneously under and over estimating the impact AI will have on the existing software complex. The difference is the timing. Overestimating in the short term, and underestimating in the long term. I see a lot of arguments claiming software is dead because everyone will just vibe code their own software. I don’t buy this at
Software Is Dead...Again...For Real this Time...Maybe?
Last week I wrote a post titled “Software is Dead…Again.” Since then, the iShares Expanded Tech-Software Sector ETF (IGV) is down ~20% (in just 1 week!). If software was dead a week ago what is it now, down an incremental 20%?! First - some fun stats. The median NTM revenue multiple (cue all the comments “he’s still talking about revenue multiples?!?”) is 3.6x. This is the lowest it’s been in the last 10+ years. For the revenue multiple haters, the median FCF multiple is 16x NTM FCF, for a median growth rate of ~20% (alas, once again, cue another set of haters, saying none of the FCF is real and it’s all sitting in SBC). Can’t escape it, maybe software is a zero with no valuation support. Was good while it lasted. 39% of my software index is trading <