Looks like the site got hit by the CVE-2026-26980 exploit right shortly before I posted this. This was helpful in identifying the malicious code that was added to the footer of every page, thank you!
OP/author here! Apologies about the malware and captcha. It looks like my site was exploited by CVE-2026-26980 affecting all Ghost sites pre v6.19 [1][2] An API key was hijacked to inject malicious JS into every page that looks like a cloudflare captcha; it seems that the JS only targeted windows users, so I didn't catch it before I shared the post widely.
The site has been upgraded to 6.44 to close the vulnerability, I rotated every API key and account credential, and both manually and programmatically scrubbed every instance I could find of the code injection across the database. I think we're clear now!
Sorry to anyone caught by this and thank you to folks for flagging it (and thanks to the HN team for letting me follow up on this after comments were closed). I'm seriously mortified. X_X
> “[Companies with a good trajectory] give your resume (and career) a pedigree and an opportunity to work alongside some of the top talent or top operational structures in an industry. They also offer great paychecks that compensate for whatever issues may be present.”
Companies with a good trajectory can be awful to work for but their trajectory — and subsequently their ability to allocate value (pay, headcount, interesting challenges) to teams to make them more competitive — in my view compensates for whatever drawbacks come from them. There is some benefit to working for them. For a bad company, there is often little explicit value for working there unless you’re personally passionate about the work/industry or you need a job.
Said differently: a good company delivers value to you. In a bad company, you have to drag personal value out.
A quick reminder to all commentators that in addition to Turbotax and Quickbooks, Intuit also owns MailChimp for (nowadays pretty broad) marketing, CreditKarma for your credit scores/analysis (and pitching you credit cards), and professional enterprise tax prep software. There’s a lot of red-queening happening in AI for marketing and financial assessment software. Individual tax prep, maybe not as much?
An interesting takeaway is that heretofore most of that advances have been not from “invention” but from a breadth of visibility. LLMs have been able to be “creative” because of the volume of work that they cover and can draw lines and associations between, not in discovering things that did not exist previously (though an argument can be made that something like AlphaFold was “discovering” and “intuiting” associations that were not explicit anywhere previously, uniquely found by the AI… but I’d argue back something about the bitter lesson and we’d go on for more than a few threads).
Somewhat ironic then, to not make this more explicit in an article about solving a combinatorial problem.
“I spent 6 years building my Kanban as I hated how managers run the boards”… only to discover that problem was the managers and workflows designed for their legibility (not engineers), not the technology or software itself, and that the tech itself could be rebuilt in a weekend nowadays?
They weren’t shilling at all, it was a passive statement of fact. In fact, they didn’t mention LLMs at all and a kanban board could be built in a weekend without one so it’s not even clear if your comment is on topic
The way people use AI is the opposite of focus. It’s throw as much as you can against the wall because it is fast and cheap and possible. It is peanut buttering. Companies today mandate AI use so indiscriminately that you might as well call it a comparative disadvantage. It’s not that the AI is bad, but that people haven’t figured out that the core competency of an organization is focus and coordination to achieve a goal, and that victory is external — users, customers. But AI is used to unfocus, to spread, and to meet internal goals - build more, etc. The challenge was never writing more code or creating more content (all of which is ultimately a long tail of debt that needs to be cleaned up and managed by someone else), which can be done cheaply enough with other paths. It was figuring out what is worth doing, and aligning everyone around that. So in a sense, I welcome company AI mandates today because they are so misdirected as to make “doing things they inefficient way they were done before” a relative advantage.
There's your confirmation, then. It must be either a localized failure to some subgroup of users, or triggered by some combination of settings, if some people are seeing it and others are not.
This. I encouraged my team to use a templated (standardized) ADR for any big decisions that don’t have an obvious answer or complete consensus and it had reduced the second guessing and relitigation of decisions to nearly zero. It also gave is a good snapshot of where we were when we made that call so historic decisions weren’t disparaged.
reply