Well, people weren't checking CVEs before pip install before CC either, CC just scaled the habit to a larger audience at a faster cadence. The blast radius for day-zero compromises is what changed.
How has the blast radius changed though? The vibecoders that weren't developers before? If someone switched from pip installing themselves to having Claude do it, I don't see how that increased the blast radius.