OpenAI Issues ‘Code Red’ as DeepSeek & Gemini Step Up

Hello!

If you're feeling whiplash from the AI race right now, you're not alone. OpenAI just called "code red", while Amazon rolled out coding agents that can work for days without supervision. 

But let's talk about something that might hit closer to home: the second npm supply-chain attack in weeks just compromised Zapier, Postman, and hundreds of other packages.

On the leadership front, I've got some reads that might explain why your last three projects felt like pushing water uphill. Turns out most "leaders" are actually just ICs or managers in disguise, and layoffs have killed trust across so many teams that authenticity is the only currency left.

Oh, and if you’ve thought Excel is boring, you’re the only one. Juggling spreadsheets is now an e-sport with a £45k prize and an actual wrestling belt. 

Sounds good? Then grab your coffee and enjoy Frictionless.

In the Queue

• How Google Built the Biggest Kubernetes Cluster

• DeepSeek Releases New Models

• 2026 Guide to NodeJS

• Why Good Engineers Write Bad Code?

• From GPT-3 to Gemini 3: What Changed?

• Start Using Dependency Cooldowns

Reduce Friction

Leading in Low-Trust Times

Layoffs and budget freezes have killed trust across many teams, making authenticity the only real path forward. Holding honest conversations and collaborative problem-solving can stop cynicism from turning into mass exit. 

How IT Managers Fail Software Projects

Billion-dollar companies keep repeating the same mistakes because leadership ignores decades of lessons. Unrealistic scopes and wishful thinking still derail more projects than any technical issue ever will. 

How Good Engineers Write Bad Code At Big Companies

Turns out re-orgs and overloaded experts might be what’s shaping your code quality. Most big-tech engineers work in codebases they barely know, turning "bad code" from a mystery into a predictable side effect of constant churn. 

ICs vs Managers vs Leaders: Why Real Leadership is Rare

Many people with "leader" in their title are really operating as ICs or managers, which explains why big companies so often stall in politics and polite inaction. Knowing it gives CTOs a way to tell who's maintaining the system and who's transforming it.

Deepen Your Expertise

Shai Hulud Launches Second Supply-Chain Attack: Zapier, ENS, AsyncAPI, PostHog, Postman Compromised

Shai-Hulud's "Second Coming" exposed the fragility of the npm ecosystem. A self-replicating worm pushed malicious updates into hundreds of popular packages and exfiltrated secrets to public GitHub repos. If your team ships JavaScript, now's the time to audit dependencies and limit how much power your package installs have.

Guide to NodeJS: What is it Used for in 2026?

Enterprises still rely on Node.js, especially for systems where speed and concurrency can make or break performance. My new guide lists its strengths across different enterprise use cases.

We Should All Be Using Dependency Cooldowns

Dependency cooldowns might be one of the simplest ways to block most supply-chain attacks. Why? Because the malicious window in the wild is usually measured in hours or days. Delay updates by a week, let the ecosystem catch bad releases, and avoid 80–90% of the risk with almost zero effort.

How Google Does It: Building the Largest Known Kubernetes Cluster, with 130,000 Nodes

Google proved GKE can run a 130,000-node Kubernetes cluster, sustaining 1,000 pod operations per second while preempting and rescheduling massive AI workloads. Most teams don't need 130K nodes, but Google’s insights will help teams and projects of any size.

AI Corner

OpenAI Declares ‘Code Red’ as Google Catches Up in AI Race

A "code red" was announced at OpenAI, as Google's Gemini 3 gained popularity. The company was to halt new projects and refocus entirely on improving ChatGPT's speed, reliability, and personalization.

Amazon's New AI Can Code for Days Without Human Help. What Does That Mean for Software Engineers?

Amazon's new AI agents can code, test, and troubleshoot systems for days without supervision, moving AWS well past the coding assistant era. The arrival of these ‘fronteer agents’ means engineering teams should expect big changes to workflows and delivery.

Three Years from GPT-3 to Gemini 3

The recent update changed Gemini from a chatbot to a coworker. Using minimal prompts, it can do almost anything you ask it. Three years ago, GPT-3 was groundbreaking, so what changes will we see in 2026?

DeepSeek Debuts New AI Models to Rival Google and OpenAI

DeepSeek's V3.2 models put China back in direct competition with OpenAI and Google. It matches GPT-5 on reasoning tests while adding autonomous tool use that behaves more like an agent than a chatbot.

Just Cool

Competitive Excel: 'It's the Golden Age of Spreadsheet Geekery'

Some people really do hit F9 for adrenaline. Excel has somehow become a full-blown e-sport, where competitors battle through logic puzzles for a wrestling belt and a £45k prize. It's peak spreadsheet chaos that’s genuinely fun to watch.

Let’s Stay in Touch! 📨 

Do you have any comments about this newsletter issue or questions you want to ask? Drop me a message or book a meeting.