Topics | Spoiledlunch

Start here

Read this beat in order

Start here if you want the site’s consistent AI position: governance becomes real only once the system is deployed, observed, and capable of being challenged under live conditions.

Step 1

Why AI Governance Frameworks Are Security Theater

April 20, 2026 / 4 min read

The clearest statement of what Spoiledlunch rejects in enterprise AI governance.

Most enterprise AI governance frameworks are elaborate exercises in checkbox compliance that miss the actual risks. They’re designed to satisfy auditors and …

Start here

Step 2

AI Governance Gets Real Only After Deployment

April 24, 2026 / 2 min read

The main bridge from framework talk into runtime evidence, monitoring, and intervention.

The industry still talks about AI governance like the hardest part is agreeing on principles before launch. Recent work from NIST and OpenAI points to a different …

Start here

Core threads

What this beat keeps arguing about

Questions

Start with the pressure points

What evidence can challenge the deployed system quickly enough to matter?
Where is the model being used, and where has dependency spread faster than oversight?
Who can intervene when the live system fails in a way the review board never modeled?

Brief

Our response to the TanStack npm supply chain attack

May 13, 2026

Summary: OpenAI details its response to the TanStack “Mini Shai-Hulud” supply chain attack, outlines protections taken to secure systems and …

Read brief

Brief

How finance teams use Codex

May 12, 2026

Summary: See how finance teams can use Codex to build MBRs, reporting packs, variance bridges, model checks, and planning scenarios from …

Read brief

Brief

ABB AC500 V3 Multiple Vulnerabilities

May 12, 2026

Summary: View CSAF Summary ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. Why it …

Read brief

Brief

ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax

May 12, 2026

Summary: View CSAF Summary ABB became aware of vulnerability in the products versions listed as affected in the advisory. Why it matters: …

Read brief

Brief

ABB Automation Builder Gateway for Windows

May 12, 2026

Summary: View CSAF Summary ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. Why it …

Read brief

Brief

ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities

May 12, 2026

Summary: View CSAF Summary ABB became aware of multiple internally discovered vulnerabilities in the WebPro SNMP card PowerValue for the …

Read brief

Brief

Fuji Electric Tellus

May 12, 2026

Summary: View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to elevate privileges from user to system, …

Read brief

Brief

Opinion 13/2026 on the draft decision of the Office of the Data Protection Ombudsman (FI SA) regarding the ...

May 12, 2026

Summary: Opinion 13/2026 on the draft decision of the Office of the Data Protection Ombudsman (FI SA) regarding the … Why it matters: …

Read brief

Brief

Software Bill of Materials for AI - Minimum Elements

May 12, 2026

Summary: CISA and the Group of Seven (G7) international partners—Germany, Canada, France, Italy, Japan, the United Kingdom, and the European …

Read brief

Brief

Subnet Solutions PowerSYSTEM Center

May 12, 2026

Summary: View CSAF Summary Successful exploitation of these vulnerabilities could allow an authenticated attacker to expose sensitive …

Read brief

Brief

AutoScout24 scales engineering with AI-powered workflows

May 12, 2026

Summary: Learn how AutoScout24 Group uses Codex and ChatGPT to speed development cycles, improve code quality, and expand AI adoption. Why …

Read brief

Brief

How NVIDIA engineers and researchers build with Codex

May 12, 2026

Summary: Teams use Codex with GPT-5.5 to ship production systems and turn research ideas into runnable experiments. Why it matters: This …

Read brief

Other beats

Explore another topic

Topic

GRC

Topic

Security