Blog

Writing for founders who ship software.

Honest posts on stuck products, AI-native development, the build-vs-hire decision, and what each industry actually needs from the software you put in front of it.

Latest

AI-native builds

June 15, 2026 · 5 min read

Building 'Lita's Kitchen: how a 2024 Arizona law became a marketplace in days

A build-in-public look at how we turned Arizona's Tamale Bill into 'Lita's Kitchen, a bilingual marketplace for home cooks, and built it with AI in days, not months.

Read the post →

All writing

Browse by latest

Vibe coding security

What April's AI Coding Breaches Mean for Your Launch

In one week, three AI coding platforms leaked source code and credentials. Here is the pattern, and the check every founder should run before launch.

June 2, 2026 · 7 min read

Vibe coding security

The four things we look for when we audit a vibe-coded app.

Every AI-built app we audit has at least one of these four gaps. Most have three. None of them require code-writing to detect. All of them require knowing where to look.

May 28, 2026 · 6 min read

Vibe coding security

An AI-built EdTech app exposed 4,538 UC Berkeley and UC Davis student accounts. The marketplace closed the ticket without a response.

18,697 user records leaked. Minors likely on the platform. The founder built the app with good intentions and shipped before they knew what row-level security was. This is one answer to the question of whether vibe coding security risk is theoretical.

May 25, 2026 · 5 min read

Vibe coding security

AI-Generated Code Has 2.74x More Security Flaws (2026 Data)

Peer-reviewed 2025 and 2026 studies put exploitable flaws in AI code at 40 to 62 percent. Our audit of 200-plus vibe-coded apps found 91.5 percent had at least one.

May 19, 2026 · 5 min read

Vibe coding security

Moltbook leaked 1.5 million API auth tokens three days after launch. The founder had never heard of row-level security.

A breakdown of how an AI-built product can ship a working authentication system and still expose every user. The pattern shows up in almost every vibe-coded app we audit.

May 13, 2026 · 5 min read

Stuck products

Five tells your software project is dead, and what to do at each stage

Non-technical founders rarely get a clean signal that their build has gone off the rails. By the time it is obvious, the runway is mostly gone. Here is how to read the warning signs earlier.

May 12, 2026 · 4 min read

Vibe coding security

Five thousand vibe-coded apps just leaked their users' data. There was no breach. There was no hacker.

RedAccess scanned the open web this month and found public S3 buckets, unprotected Supabase tables, and open API endpoints exposing medical records, Fortune 500 documents, home addresses, and hotel reservations. The AI that built the apps did not configure storage permissions, and the founders did not know to check.

May 11, 2026 · 6 min read

Pillars

What we write about.

Vibe coding security

Apps built with AI look fine on the surface. The data is wide open underneath. Audits, patterns, and case studies.

Stuck products

Diagnosing, recovering, and rescuing software that lost its way.

AI-native builds

How to wire AI into products from day one, not bolt it on later.

Build vs hire

Decision frameworks for non-technical founders sizing up engineering options.

Industry playbooks

What home services, construction, legal, restaurants, franchise, and healthcare actually need from software.

Founder mental models

Broader thinking for non-technical founders managing technical work.

Need help on a stuck product or a new build? The diagnostic is free.

Run the diagnostic Book a call