DevOps/SRE Blog Scanner
Dark/Light

Filestore instance replication now available

- GCP storage blogs - April 02, 2025

Filestore Instance Replication now available on Google Cloud! Meet business continuity goals with efficient replication.

Google, ByteDance and Red Hat improve AI on Kubernetes

- GCP containers blogs - April 02, 2025

Learn about new capabilities developed in partnership with ByteDance and Red Hat for LLM inference running on Kubernetes clusters.

ImageRunner exploit let attackers access private GCP container images; Google patched issue Jan 28, 2025.

While various AI/ML application risks are like traditional application security risks, runtime security for new models requires new methods. 

Fintech companies need architectures that can handle vast amounts of real-time data while ensuring a seamless experience for users.

93% of service providers struggle with NIST compliance—automation reduces manual work by 70%, boosting efficiency.

Outlaw malware exploits weak SSH credentials + uses worm-like spread since 2018 + enables cryptojacking.

The new Multi-Cluster Orchestrator service helps platform and application teams manage workloads across Kubernetes clusters across regions.

On a bright sunny London day, attendees from all over the world flocked to the ExCel Arena for the first day of KubeCon + CloudNativeCon 2025. Here's a quick recap of the keynotes.

How SSL Misconfigurations Impact Your Attack Surface

- thehackernews.com - April 02, 2025

53.5% of websites have weak SSL setups—leaving attack surfaces exposed and increasing breach risk.

KubeCon EU 2025: Kubernetes vNode, From the Makers of vCluster

- thenewstack.io kubernetes - April 02, 2025

LoftLabs' new vNode lightweight runtime isolates individual Kubernetes nodes for both improved multitenancy security and resource efficiency.

Benchmarking a 65,000-node GKE cluster with AI workloads

- GCP containers blogs - April 02, 2025

As we develop and deploy ever-larger LLMs on Google Kubernetes Engine, we benchmark massive AI workloads running on a 65,000-node GKE cluster.

A survey of practitioners and IT leaders finds that reliance on open-source software to enable observability continues to increase.

FIN7 deploys Anubis backdoor via malspam to control Windows systems using stealthy, memory-resident payloads.

Hijack Loader now uses call stack spoofing and ANTIVM modules to bypass detection and persist.

In today's rapidly evolving tech landscape, containers have become the cornerstone of modern application deployment. As businesses increasingly adopt microservices architectures, the demand for robust, scalable, and secure container management solutions has never been higher. We're thrilled to announce that Amazon Web Services (AWS) has been recognized as a Leader in the 2024-25 Omdia Universe […]

Agentic AI and Platform Engineering: How They Can Combine

- thenewstack.io platform-engineering - April 01, 2025

Agentic AI is a way to expand on top of platform engineering initiatives, to enable asymmetric scaling in the face of Kubernetes complexity.

Over 1,500 PostgreSQL servers compromised via weak credentials and SQL abuse, enabling fileless crypto mining.

DevOps should be an enabler, not a gatekeeper. And that starts with fixing how we manage infrastructure at scale.

Gmail launches client-side E2EE beta on its 21st birthday, simplifying encryption and boosting admin control.

KubeCon EU 2025: Edera Protect Offers a Secure Container

- thenewstack.io containers - April 01, 2025

The Edera team took the best of virtual machine hypervisor design and shifted it over to containers.

Lucid PhaaS hit 169 targets in 88 countries by abusing iMessage and RCS to bypass SMS filters

SageMaker AI and Networking - Digi Hunch

- digihunch.com - April 01, 2025

This post reviews the networking connectivity options for notebooks, inference endpoint and pipeline jobs in SageMaker AI.

As organizations continue to expand their cloud infrastructure by connecting multiple Amazon Virtual Private Clouds (Amazon VPC) across accounts and regions, the complexity of managing their network environment increases. AWS Transit Gateway has emerged as a powerful solution to simplify this complexity by providing a centralized hub for secure communication between Amazon VPCs, on-premises systems, and […]

Apple patched 3 live exploits—CVE-2025-24085, -24200, -24201—across legacy iOS/macOS devices to block escalation attacks.

Facebook Pixel exposed CSRF tokens at major retailer; Reflectiz detected breach early, preventing €20M GDPR fines.

23,958 IPs scanned Palo Alto GlobalProtect portals in late March, signaling systemic recon before potential exploits.

Earth Alux used VARGEIT and MASQLOADER in APAC and LATAM cyberattacks, bypassing defenses via stealth techniques.

Amazon Q Developer recently added support for customizing C# and C++ suggestions based on your company's codebase. This blog post explores how developers can tailor the AI assistant to provide accurate inline suggestions and contextual code understanding for their C# and C++ projects. You will learn how to leverage customizations to boost productivity, streamline development […]

A JFrog global survey of professionals finds organizations that still allow developers to download packages directly from the internet.

NVIDIA today open sources Run:ai's KAI Scheduler, a project that helps AI teams optimize GPU resource allocations in Kubernetes clusters.

Apple fined €150M for applying double consent only to third parties in ATT, breaching French privacy law.

Learn more about the AWS News Blog writers, their backgrounds, and expertise.

Safeguarding business-critical cloud resources against accidental loss and external threats such as ransomware is a top priority for modern organizations. These companies utilize privacy-enhancing technologies, malware scanning, and the ability to protect from accidental deletion to form key pillars of a strong data security posture. This combination helps ensure that data remains secure, protected from […]

Under the hood: Amazon EKS Auto Mode | Amazon Web Services

- AWS containers blogs - March 31, 2025

This blog post was co-authored by Alex Kestner, Sr Product Manager – EKS; Todd Neal, Sr. Software Engineer – EKS; Neelendra Bhandari, Sr Software Dev Manager – EKS; and Sai Vennam, Principal Specialist Solutions Architect. At re:Invent 2024, we launched Amazon Elastic Kubernetes Service (Amazon EKS) Auto Mode, a new feature that provides a production-ready, […]

Amazon Web Services (AWS) today revealed it is streamlining IT incident management by adding generative artificial intelligence (AI) capabilities to the AWS revealed it's adding generative artificial intelligence (AI) capabilities to the Amazon OpenSearch service.

Today, I'm happy to announce Amazon Q Developer support for Amazon OpenSearch Service, providing AI-assisted capabilities to help you investigate and visualize operational data. Amazon Q Developer enhances the OpenSearch Service experience by reducing the learning curve for query languages, visualization tools, and alerting features. The new capabilities complement existing dashboards and visualizations by enabling […]

Amazon API Gateway now offers IPv6 support across all endpoint types, custom domains, and management APIs in all commercial and AWS GovCloud regions, enabling dual-stack configuration options as a solution to growing IPv4 address scarcity.

KubeCon EU 2025: Mirantis' k0s and k0smotron Join CNCF Sandbox

- thenewstack.io kubernetes - March 31, 2025

This cluster management program's key innovation is its ability to host and manage Kubernetes control planes as containers within a cluster, significantly reducing operational overhead and costs.

This post was jointly authored by Elizabeth Fuentes (Developer Advocate), Ikenna Izugbokwe (Principal SA), and Steven David (Principal SA). Amazon Elastic Kubernetes Service (Amazon EKS) provides add-ons that streamline supporting operational capabilities for Kubernetes applications. Still, customers rely on a wide range of Kubernetes add-ons to run their containerized applications. These add-ons come from different […]

Water Gamayun exploited CVE-2025-26633 to deploy SilentPrism, DarkWisp, and stealers with persistence.

Help us defeat a patent troll claiming methods for "manipulation of complex hierarchical data" and "analysis of hierarchical data" were invented in 2005. We're excited to launch 2 additional Cloud…

Faseela Kundattil is one of those people who just seems to do a lot of things: Cloud Native Developer, project maintainer, CNCF Ambassador, LFX mentor, Technical Oversight Committee member, new mom…

If you are attending the upcoming KubeCon + CloudNativeCon Europe 2025 conference in London, check out the CNCF End User Technical Advisory Board (TAB) member recommendations for their top talk…

CloudBolt Acquires StormForge To Enhance Kubernetes Optimization

- thenewstack.io kubernetes - March 31, 2025

Want to save money with your Kubernetes deployments? This pairing of CloudBolt and StormForge may be just what you need.

Google Cloud's Archana Ramamoorthy explores our approach to digital sovereignty, and how it can help you grow your organization.

It's AWS Summit season! Free events are now rolling out worldwide, bringing our cloud computing community together to connect, collaborate, and learn. Whether you prefer joining us online or in-person, these gatherings offer valuable opportunities to expand your AWS knowledge. I'll be attending the AWS Amsterdam Summit and would love to meet you—if you're planning […]

ML and LLM Adoption Challenged Most Often by Observability

- thenewstack.io observability - March 31, 2025

Observability and monitoring — not security — is the most cited challenge when moving ML models into production, according to a new survey.

Increasing developer productivity has been a persistent challenge for senior leaders over the past decades. With the rise of generative artificial intelligence (AI), a new wave of innovation is transforming how software teams work. Generative AI tools like Amazon Q Developer are emerging as game-changers, supporting developers across the entire software development lifecycle. But how […]

What eBPF Means for Observability vs. Security

- thenewstack.io observability - March 31, 2025

eBPF's extensive coverage across environments, including Kubernetes, has been a boon for observability, security monitoring and networking.

Threat actors hide malware in WordPress mu-Plugins, exploiting 4 CVEs in 2024 to hijack websites.

KubeCon EU 2025: Komodor's Fix for Configuration Drift

- thenewstack.io kubernetes - March 31, 2025

Komodor detects deviations from expected configurations, provides a timeline view of changes, and offers tools for root-cause analysis and remediation.

Google patched a Chrome 0-day (CVE-2025-2783) used in live attacks on Russian targets via phishing.

5 Impactful AWS Vulnerabilities You're Responsible For

- thehackernews.com - March 31, 2025

75% of AWS breaches stem from customer misconfigurations + AWS secures infra only + real risk persists.

Gamaredon targets Ukraine with Remcos RAT via phishing using LNK files tied to reused infrastructure.

Our weekly DevOps jobs report shares five opportunities this week, including roles at Palo Alto Networks and the Ford Motor Company.

Models, models every where, so let's have a think

- surfingcomplexity.blog - March 31, 2025

If you're a regular reader of this blog, you'll have noticed that I tend to write about two topics in particular: Resilience engineering Formal methods I haven't found many people…

This post is written by Perry Wald, Principal GTM SA, Hybrid Edge, Eric Vasquez Senior SA Hybrid Edge, and Fernando Galves Gen AI Solutions Architect, Outposts AWS Outposts is a fully managed service that extends AWS infrastructure, services, APIs, and tools to customer premises. Outposts servers launched in 2022, a 1U or 2U rack-mountable host, […]

SaaS Is Broken: Why Bring Your Own Cloud (BYOC) Is the Future

- thenewstack.io observability - March 30, 2025

BYOC lets companies run SaaS on their own cloud infrastructure.

RESURGE malware exploits Ivanti flaw CVE-2025-0282, adding stealth tools and web shells for persistence.

How Each Pillar of the 1st Amendment is Under Attack

- krebsonsecurity.com - March 30, 2025

In an address to Congress this month, President Trump claimed he had "brought free speech back to America." But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of journalists,…

SRE Weekly Issue #470 – SRE WEEKLY

- sreweekly.com - March 30, 2025

An SRE thinks about the meaning of "sociotechnical":

Endor: WebAssembly-Based Server in the Browser

- thenewstack.io containers - March 29, 2025

Endor enables WebAssembly's various capabilities and individual services to now be combined into a structured environment entirely within the browser.

Cascii and Why Developers Should Use ASCII Diagrams

- thenewstack.io devops - March 29, 2025

Cascii is an ASCII editor that can be a useful tool for developers (e.g., for doing system flowcharts or network diagrams).

Sprint Retrospectives: The Unsung Hero of Agile Success

- thenewstack.io devops - March 29, 2025

Sprint Retrospectives build trust, surface issues, and fuel team growth.

Legit Security this week added a dashboard to its application security posture management (ASPM) platform to improve DevSecOps.

Crocodilus Android malware targets Spain and Turkey using overlays, accessibility abuse, and device takeover.

BlackLock's misconfigured leak site exposed internal commands, aiding Resecurity in uncovering 46 ransomware victims.

AWS has been a proud participant in FedRAMP since 2013. As FedRAMP continues to modernize federal cloud security assessments, we are excited to support this transformation toward a more automated and efficient compliance framework. Today, we're emphasizing our support for both APN partners and government customers through this evolution and sharing our perspective on these […]

Should You Care About Fermyon Wasm Functions on Akamai?

- thenewstack.io edge-computing - March 28, 2025

Fermyon Wasm Functions, launched at WASM I/O, benefits from WebAssembly's lightning-fast cold start times and sandboxed isolation when distributed.

The challenges organizations face when managing access control and authorization in cloud-native environments continue to grow in complexity. Organizations scaling their Kubernetes deployments…

46 solar inverter flaws in Sungrow, Growatt, SMA expose power grids to botnet attacks, risking blackouts.

CoffeeLoader uses GPU-based evasion, call stack spoofing, and scheduled tasks to deliver next-stage malware.

This article discusses how IT pros and businesses can guarantee operational continuity and business resilience with Datto BCDR. Learn more.

PJobRAT malware targeted Taiwanese Android users via fake chat apps from Jan 2023 to Oct 2024, enabling deep surveillance and remote control.

Microsoft expands its Hyperlight project with Hyperlight Wasm, enabling secure WebAssembly workloads in lightweight VMs.

Twelve npm packages hijacked via compromised maintainer accounts to exfiltrate secrets using obfuscated scripts.

Mozilla patched CVE-2025-2857 in Firefox after Chrome's exploited zero-day revealed similar IPC flaws.

In this post, we demonstrate how to build an enterprise AI assistant solution that uses LLMs in Amazon Bedrock with the precision of enterprise knowledge bases using the RAG approach. By integrating AWS services such as Lambda and Amazon Bedrock, our solution enables organizations to securely access and retrieve proprietary data, providing contextually relevant and accurate responses. The RAG approach not only enhances the assistant's ability to provide tailored responses within specific enterprise data domains, but also mitigates the risk of hallucinations. By injecting the latest enterprise proprietary knowledge into the response generation context, our solution makes sure that the assistant remains up-to-date and adaptable to evolving specific business needs. The sample code repository and CloudFormation template can enable organizations to streamline the development and deployment of their RAG-based AI assistant solutions.

AWS announces new integration capabilities for Amazon EventBridge and AWS Step Functions, enabling direct communication with private APIs using AWS PrivateLink and Amazon VPC Lattice. This enhancement streamlines secure application interactions across private networks, on-premises infrastructure, and cloud platforms, offering improved security, simplified architecture, and enhanced performance for enterprise-level deployments.

How Disconnected Systems Drain SaaS Startups

- thenewstack.io devops - March 27, 2025

Unified systems reduce complexity, streamline operations, and support faster scaling.

Speed up build times on CodeBuild with test splitting across multiple parallel build environments. Read how test splitting with CodeBuild works and how to get started.

Morphing Meerkat's phishing kit mimics 114 brands by reading DNS MX records to tailor fake logins.

When Getting Phished Puts You in Mortal Danger

- krebsonsecurity.com - March 27, 2025

Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or…

Today we're announcing the general availability (GA) of the new Amazon Cognito Identity Pool Level 2 (L2) construct in the AWS Cloud Development Kit (AWS CDK). This construct simplifies the creation and management of identity pools, permissions, and provider integrations by providing intent-based APIs that help users securely manage their authenticated and unauthenticated (guest) users […]

Ambient mode provides more encrypted throughput than any other project in the Kubernetes ecosystem. Encryption in transit is a baseline requirement for almost all Kubernetes environments today…

What's the Future of Platform Engineering?

- thenewstack.io platform-engineering - March 27, 2025

Organizations need to focus on why they're building a platform, said Humanitec's Mallory Haigh and Google DORA's Nathen Harvey in this episode of Makers.

Secure backups with threat detection and remediation

- GCP security blogs - March 27, 2025

To further support your security needs, we're adding more integration between Backup and DR, Security Command Center, and Google Security Operations.

Google Cloud at KubeCon Europe 2025

- GCP containers blogs - March 27, 2025

Join Google Cloud at KubeCon + CloudNativeCon Europe 2025 in London (April 1-4), the premier event for the cloud-native ecosystem.

RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.

Cary, North Carolina, 27th March 2025, CyberNewsWire

APT36 spoofed India Post using malware-laced PDFs and Android apps to harvest sensitive data.

Are Edge Computing and Cloud Computing in Competition?

- thenewstack.io edge-computing - March 27, 2025

Cloud computing can complement edge applications, and vice versa. Here's how.

Traditional CASB tools miss 100% of shadow SaaS threats—browser-based security offers real-time visibility and control.

Phishing Office files and CVE-2017-11882 exploits still active in 2025, exposing unpatched systems to malware.

150,000 sites infected with JavaScript redirect users to gambling pages—showcasing evolving, global-scale threats.

CISA adds Sitecore flaws CVE-2019-9874 and CVE-2019-9875 to KEV amid active exploitation and agency patch mandates.

CVE-2025-26512 in NetApp SnapCenter scored 9.9 CVSS; patch required to prevent remote admin escalation.

Why Consolidating Observability Tools Is a Smart Move

- thenewstack.io devops - March 26, 2025

A unified observability platform reduces complexity, breaks down silos, and enhances operational agility.

As AI and machine learning (AI/ML) become increasingly accessible through cloud service providers (CSPs) such as Amazon Web Services (AWS), new security issues can arise that customers need to address. AWS provides a variety of services for AI/ML use cases, and developers often interact with these services through different programming languages. In this blog post, […]

Amazon Web Services (AWS) is pleased to announce that the Winter 2024 System and Organization Controls (SOC) 1 report is now available. The report covers 183 services over the 12-month period from January 1, 2024, to December 31, 2024, giving customers a full year of assurance. This report demonstrates our continuous commitment to adhere to the […]

AWS Amplify Hosting now offers direct integration with AWS WAF, allowing users to apply web application firewall protection to their hosted apps through the console or infrastructure as code, eliminating the need for complex Amazon CloudFront configurations.

Pulumi today extended the reach of its ESC platform for managing IaC into the realm of DevSecOps by adding the ability to manage secrets.

FamousSparrow deployed two enhanced SparrowDoor variants and ShadowPad in July 2024 attacks, signaling active tool development.

CIOs must rethink tech investments as tariffs raise prices across the board.

How Colossus optimizes data placement for performance

- GCP storage blogs - March 26, 2025

Learn how the Google Colossus distributed storage system determines how to place files on HDD vs. SSD to balance cost and performance.

Imandra today launched an AI agent, dubbed CodeLogician, that uses symbolic models to transform source code into mathematical models.

Karmada Launches Adopter Group

- cncf.io - March 26, 2025

Karmada is thrilled to announce the launch of the Adopter Group program. This program aims to create a dynamic platform where adopters can connect, collaborate, and share information efficiently.

Every organization strives to empower teams to drive innovation while safeguarding their data and systems from unintended access. For organizations that have thousands of Amazon Web Services (AWS) resources spread across multiple accounts, organization-wide permissions guardrails can help maintain secure and compliant configurations. For example, some AWS services support resource-based policies that can be used to […]

Edge Data Centers Offer Benefits for Remote Industrial Apps

- thenewstack.io edge-computing - March 26, 2025

Faster data processing, lower latency, greater reliability — how the edge delivers what the cloud can't.

Sometimes the infrastructure operations team might face a challenge in managing the development team's data storage practices. The development team tends to store data in an uncontrolled manner, leading to potential issues such as excessive storage consumption and inefficient resource usage. This challenge arises from the lack of quota or capacity management capabilities in the […]

RedCurl deployed QWCrypt ransomware via fake CVs and ISO lures, disabling entire virtual infrastructures.

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

Trojan npm package downloaded 73 times modifies 'ethers' locally, enabling persistent reverse shell access

Most firms test security annually—configuration drift and missed gaps demand continuous testing to stay resilient.

Insider attacks cost $4.99M each + 68% of breaches involve human error + PAM reduces breach risk.

Atlantis AIO enables credential stuffing across 140+ platforms, fueling fraud, theft, and account takeovers

We're proud to become Atlético de Madrid's official cybersecurity partner, reinforcing our shared commitment to innovation and resilience in sports technology.

Google fixed Chrome zero-day CVE-2025-2783 on Mar 20 after attacks exploited a sandbox bypass flaw.

VMware Tools flaw CVE-2025-22230 enables high-privilege actions on Windows VMs + No workaround + Patch in 12.5.1.

Chainguard Takes Aim At Vulnerable Java Libraries

- thenewstack.io containers - March 25, 2025

Security-focused startup Chainguard expands its vulnerability-free approach beyond containers to Java libraries and virtual machine (VM) host images.

This post was co-authored by Henrique Santana, Container Specialist, AWS and Luis Felipe, Principal Solutions Architect, AWS. Introduction Many organizations have built their infrastructure using Amazon Elastic Compute Cloud (Amazon EC2) and Network Load Balancer (NLB), often with security policies built around the NLB's static IP addresses. As these organizations adopt containerization and move to […]

AWS is expanding its global infrastructure, now providing increased transparency about the specific geographic locations of its 114 Availability Zones across 36 regions to help customers meet regulatory requirements and make informed deployment decisions.

A Decade of Cloud Native: From CNCF, to the Pandemic, to AI

- thenewstack.io cloud-native - March 25, 2025

Cloud native technologies have underpinned the tech world for 10 years: from CNCF's launch, through the covid years, to the current AI era.

Bridgewater Associates is a global macro investment manager, with a core mission of understanding how the world's markets and economies work by analyzing the drivers of markets and turning that understanding into high-quality portfolios and investment advice for their clients. The data that drives this economic research is stored in Bridgewater's data lake, built on […]

Why combining these CNCF projects simplifies Kubernetes deployment at the edge. Edge computing is rapidly changing the landscape of application deployment, demanding solutions that are lightweight…

Without a unified and optimized infrastructure, complexity quickly spirals into excessive cloud spending, resource inefficiencies, and productivity bottlenecks. Enter Ray, the AI compute engine.

200+ Raspberry Robin C2 domains mapped via NetFlow; Russian GRU link intensifies cyber threat tracking.

ControlMonkey adds a disaster recovery module to its SaaS platform for automating the management of IaC tools based on Terraform software.

Chinese state-sponsored hackers infiltrated an Asian telecom for four years, triggering persistent cyber espionage

112 SaaS apps spur security risks; AI-driven insights like AskOmni streamline threat detection, ensuring robust defenses

FakeApp campaign leverages .NET MAUI to steal data from Indian, Chinese users via bogus banking and social apps

Operation Red Card sees 306 arrests and 1,842 devices seized across Africa, curbing cross-border cybercrime.

Five critical flaws in Ingress NGINX Controller expose 6,500+ clusters; update now to prevent unauthorized remote code execution.

In this post, we show how organizations can use Amazon Route 53 Resolver DNS Firewall to detect and block access to malicious domains. We show how you can use the Amazon Web Services (AWS) Managed Domain Lists, which contain domains associated with malicious activity or potential threats, and share best practices for implementing Route 53 […]

As we celebrate International Women's Day (IWD) this March, I had the privilege of attending the 'Women in Tech' User Group meetup in Shenzhen last weekend. I was inspired to see over 100 women in tech from different industries come together to discuss AI ethics from a female perspective. Together, we explored strategies such as […]

Microsoft launches inline data protection in Edge, preventing data leaks in GenAI apps and boosting enterprise security.

Unlock faster workload start time using Orbax on JAX

- GCP compute blogs - March 24, 2025

Learn how you can deliver efficient checkpoint loading and unlock faster, more cost-efficient, and more impactful AI development.

Amazon Web Services (AWS) provides service reference information in JSON format to help you automate policy management workflows. With the service reference information, you can access available actions across AWS services from machine-readable files. The service reference information helps to address a key customer need: keeping up with the ever-growing list of services and actions […]

VanHelsing RaaS launched March 7, 2025 with 3 victims using a $5,000 deposit model, expanding cyber threats across multiple OS.

Observability Without a Data Lake Might No Longer Work

- thenewstack.io observability - March 24, 2025

A proper data lake and observability platform are hard to deliver and sets the bar for observability players even higher.

Today's distributed, cloud-native systems generate logs at a high rate, making it increasingly difficult to derive actionable insights. AI and Generative AI (GenAI) technologies—particularly large…

The CNCF community is truly global; our contributors, members and ambassadors span the world. We invest heavily in community-driven initiatives to fuel sustained momentum, expansion…

Stay informed with the latest in cybersecurity trends, vulnerabilities, and best practices. Don't miss out on this week's critical updates on patching

KubeCon EU 2025: Aviatrix's Enterprise Firewall for Kubernetes

- thenewstack.io kubernetes - March 24, 2025

This firewall aims to simplify network management and security by providing granular, identity-based policies and resolving CIDR conflicts across multicloud and hybrid environments.

Ransomware in VSCode extensions triggers PowerShell payload to encrypt test files; developers warned to strengthen security.

71% risky reuse drives demand for seamless protocols; improved UX boosts cybersecurity compliance.

Are you looking for a career change? Then browse our weekly five great DevOps job opportunities where you might find your next move!

Next.js flaw CVE-2025-29927 bypasses authorization checks in versions 12.3.5 to 15.2.3, risking admin page access.

GitLab 17.10 introduces Duo Code Review and Root Cause Analysis for self-hosted environments, along with enhanced metrics visualization.

Google's OSV-Scanner V2.0.0 brings enhanced vulnerability scanning with container support and innovative remediation features.

When Do Retry, Backoff, and Jitter Work?

- thenewstack.io devops - March 23, 2025

Backoff and jitter smooth short bursts but can't manage continuous load increases.

CVE-2025-30066 supply chain attack compromised tj-actions on March 14, 2025, exposing 218 repositories and leaking credentials.

SRE Weekly Issue #469 – SRE WEEKLY

- sreweekly.com - March 23, 2025

I've shared this article before, but it's so critical that it's time to give it another read.

U.S. Treasury lifts Tornado Cash sanctions after Fifth Circuit ruling, removing 100+ ETH wallets to bolster digital asset security.

This post is authored by Anton Aleksandrov, Principal Solution Architect, AWS Serverless and Daniel Abib, Senior Specialist Solutions Architect, AWS Serverless application developers may commonly encounter scenarios where they need to transport large payloads, especially when building modern cloud applications that need rich data. Examples include analytics services with detailed reports, e-commerce platforms with extensive […]

Arrests in Tap-to-Pay Scheme Powered by Phishing

- krebsonsecurity.com - March 21, 2025

Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by…

Google Cloud Backup and DR protection summary

- GCP compute blogs - March 21, 2025

Google Cloud Backup and DR's protection summary offers a centralized view of data protection configuration, identifying gaps and improving resilience.

Rebranding DAST isn't about slapping on a new label, its about shifting the way we think about security testing.

NixOps Lives On: Introducing NixOps 4

- thenewstack.io devops - March 21, 2025

After years of challenges, NixOps gets a complete redesign while Flox shows how Nix can be a viable alternative to Docker for reproducible deployments.

We want customers to be successful as they develop and deploy AI, and that means using risk mitigation and proactive security measures. Here's how to get started.

JetStream for GCE Disaster Recovery Orchestration helps you orchestrate DR plans, and can be deployed via Google Cloud Marketplace.

An API-first engineering strategy enhances developer experience and productivity, providing a marketplace with improved discoverability.

Exploring how businesses can secure their development pipelines by integrating AI into DevSecOps and adopt a more proactive approach.

UAT-5918 has attacked Taiwan infrastructure since 2023 using web shells and open-source tools to steal credentials.

What happens when technology stops evolving in silos and starts converging into something greater? The boundaries between innovations are dissolving, merging into a vast…

London's calling and our local CNCF Ambassadors have answered with some great ideas of things to do close to the KubeCon + CloudNativeCon Europe 2025 venue. Cross the river Since our event is going to…

Medusa ransomware uses ABYSSWORKER driver with stolen certificates to disable EDR and enable RDP access, risking data breaches.

How bitdrift Is Breaking the Status Quo of Observability

- thenewstack.io observability - March 21, 2025

The startup flips the observability paradigm on its head and challenges the "more data is better" approach.

Perforce Software this week acquired Snowtrack, a provider of version control software used by application designers.

10 Critical Network Pentest Findings IT Teams Overlook

- thehackernews.com - March 21, 2025

vPenTest's 10,000+ pentests reveal exploitable network gaps from misconfigurations and weak passwords, driving continuous security improvement.

Kaspersky reveals Head Mare and Twelve join forces targeting Russian entities via vulnerabilities and new tools, escalating cyber threats.

China-linked APT Aquatic Panda targeted 7 organizations in a 10-month espionage campaign using five malware families.

Active exploitation of Cisco CVE-2024-20439 & 20440 in Smart Licensing forces urgent patching of vulnerable versions.

This post is written by Arun Kumar N C, Technical Account Manager; Debapriyo Jogi, Technical Account Manager; and Ashish Nagaraj, Cloud Support Engineer 2 Organizations are increasingly adopting hybrid cloud architectures that combine the scalability of cloud computing with the control and compliance benefits of on-premises infrastructure. AWS Outposts extends AWS infrastructure, AWS services, APIs, […]

The first week of April, from March 31st to April 4th will be a huge week for cloud native and Telco in London, and it will be a great opportunity to highlight how much telecom is connected to open…

YouTube game cheat videos deliver Arcane stealer malware; attack chain extracts sensitive data via batch files and PowerShell.

Veeam and IBM patch critical vulnerabilities—Veeam's CVE-2025-23120 (CVSS 9.9) and IBM's AIX flaws—preventing potential remote exploits

With OTel, dash0 Wants to Make Observability Actually Useful

- thenewstack.io observability - March 20, 2025

The OpenTelemetry-native tool eliminates vendor lock-in, lowers costs, and gives engineers context to truly make sense of their data.

We started Gloo Open Source in 2018, reaching GA in early 2019. Since then, we have grown Gloo adoption to hundreds of paid customers and numerous open-source users. We truly believe Gloo Gateway is…

Discover how Kube-OVN enables transparent KubeVirt live migrations with IP preservation and <0.5s network downtime. In virtual machine usage scenarios, live migration allows a virtual machine to be…

Microsoft 365's shared responsibility model assigns providers robust infrastructure security while users enforce controls, boosting cybersecurity.

Six governments likely use Paragon's Graphite spyware, disrupting 90 attacks and prompting iOS 18 fixes.

33.3M U.S. SMBs risk non-compliance. Automated monitoring cuts fines and boosts security

CISA adds flaw CVE-2024-48248 to NAKIVO pre-10.11.3; active exploit risks data exposure, FCEB must mitigate by April 9, 2025.

CERT-UA warns of a DCRat campaign via Signal targeting Ukrainian defense; UAC-0200 active since summer 2024 risks breaches.

NVIDIA continues to rapidly advance GPUs beyond previous models. But will data centers suffer from "hyperscaler indigestion"?

This blog post was authored by Robert Northard, Principal Container Specialist SA, Eric Chapman, Senior Product Manager EKS, and Elamaran Shanmugam, Senior Specialist Partner SA. Introduction Amazon Elastic Kubernetes Service (Amazon EKS) Hybrid Nodes transform how you run generative AI inference workloads across cloud and on-premises environments. Extending your EKS cluster to on-premises infrastructure allows you […]

Willem Berroubache is a cloud native and Security Architect based in Paris, France, currently working at Orange. Over the years, he has worked on private cloud security use cases and telco cloud…

Amazon CloudWatch Application Signals now supports runtime metrics for Java, Python and .Net applications. This new capability lets you monitor application runtime metrics directly in Amazon CloudWatch, helping you correlate application performance signals and improve application observability. Amazon CloudWatch Application Signals automatically instruments your applications running on AWS, so that you can monitor your application […]

Hackers exploit PHP flaw (CVE-2024-4577) to deploy Quasar RAT and XMRig miners, with Taiwan hit hardest. Update PHP now to mitigate risks.

Rdma rocev2 for ai workloads on google cloud

- GCP networking blogs - March 19, 2025

Discover how using RoCE v2 delivers low latency, high-bandwidth and loss-less networking for your AI Infrastructure deployments on Google Cloud.

You can now select backup and continuous data replication options for block storage when creating a VM in the Google Cloud console.

A strong relationship with your developers is characterized by transparency and trust in all aspects of project development.

Leaked Black Basta chats reveal Russian aid in leader's escape, AI-assisted fraud, and BRUTED credential attacks on firewalls and VPNs.

A survey of infrastructure decision-makers finds nearly half believe their organization has a high level of infrastructure automation.

One of the reasons mirrord is a game-changer for many organizations is that it makes it possible for a whole team to work with one shared cloud environment. They don't need to run the whole…

Join Beyond Identity's webinar to learn how secure-by-design access blocks phishing, MFA bypass, and identity threats before they strike.

Identity-based attacks are rising, but ITDR helps detect threats, prioritize risks, and stop breaches before they happen.

ClearFake malware infects 9,300+ websites, using fake reCAPTCHA and Web3 tactics to spread Lumma and Vidar Stealers, exposing 200,000+ users.

A survey conducted by The Futurum Group finds AI is viewed as playing a critical role in the development and deployment of software.

Oracle releases Java 24 with new AI capabilities, post-quantum cryptography and simplified programming features.

Gemini's Canvas feature transforms app dev workflows with real-time collaboration, code preview capabilities, and seamless prototyping.

Two critical mySCADA myPRO flaws (CVSS 9.3) allow remote command execution, threatening industrial control systems and requiring urgent patching.

CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update tj-actions/changed-files by April 4.

DOGE to Fired CISA Staff: Email Us Your Personal Data

- krebsonsecurity.com - March 19, 2025

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration's continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in…

The ROI of Speed: How Fast Code Delivery Saves Millions

- thenewstack.io devops - March 18, 2025

CircleCI's new report reveals how top engineering teams triple development speed while saving millions in costs through optimized workflows and AI adoption.

As businesses continue to rely on data-driven decision-making, there's an increasing demand for tools that streamline and accelerate the process of data analysis. Efficiency and simplicity in application architecture can serve as a competitive edge when driving high-stakes decisions. Developers are seeking lightweight, flexible tools that seamlessly integrate with their existing application stack, specifically solutions […]

Accelerate AI in Healthcare: NVIDIA BioNeMo + GKE

- GCP compute blogs - March 18, 2025

This guide shows you how to deploy NVIDIA BioNeMo and NIM on Google Cloud's GKE for efficient research.

Google Cloud goes to NVIDIA GTC

- GCP compute blogs - March 18, 2025

At NVIDIA's GTC AI Conference, we announced that A4 VMs based on B200 are generally available, and that A4X VMs based on GB200 NVL72 are in preview.

Amazon Web Services (AWS) is excited to announce that a new Information Security Registered Assessors Program (IRAP) report (2024 H2) is now available through AWS Artifact. An independent Australian Signals Directorate (ASD) certified IRAP assessor completed the IRAP assessment of AWS in February 2025. The new IRAP report includes an additional six AWS services that are now assessed at the […]

This post is written by Craig Warburton, Senior Solutions Architect, Hybrid; Sedji Gaouaou, Senior Solutions Architect, Hybrid; and Brian Daugherty, Principal Solutions Architect, Hybrid. Migrating workloads to AWS Outposts Rack offers you the opportunity to gain the benefits of cloud computing while keeping your data and applications on premises. For organizations with strict data residency […]

Amazon Web Services (AWS) is pleased to announce the publication of our annual compliance assessment report on the Information Assurance Regulation (IAR) established by the Telecommunications and Digital Government Regulatory Authority (TDRA) of the United Arab Emirates (UAE). The report covers the AWS Middle East (UAE) Region. The IAR provides management and technical information security […]

Thanks to its performance and adaptability, Open Policy Agent (OPA) is a common choice for managing policy-as-code. Nonetheless, security flaws can develop if OPA is abused or improperly designed…

Hackers can exploit AI code editors like GitHub Copilot to inject malicious code using hidden rule file manipulations, posing a major supply chain thr

In the world of data, not everything needs to move at the speed of light — and that's precisely the point.

Cloud CISO Perspectives: 5 tips for secure AI success

- GCP security blogs - March 18, 2025

To coincide with new AI Protection capabilities in Security Command Center, we're offering 5 tips to set up your organization for secure AI success.

Google Cloud acquires Wiz for $32B in its biggest-ever deal, strengthening multicloud security and expanding AI-driven cybersecurity capabilities.

Microsoft's unpatched Windows flaw (ZDI-CAN-25373) has been exploited by 11 state-backed groups since 2017, enabling espionage and data theft via .LNK

CVE-2024-54085 in AMI MegaRAC BMC allows remote control, malware deployment, and server damage; patches released March 11, 2025.

The dawn of APIs across the digital ecosystem has fundamentally disrupted standard business models and software development. And enhancing these approaches with intelligent, data-driven…

In today's fast-paced tech landscape, platform engineering has become a strategic priority for organisations seeking to streamline development, enhance operational efficiency…

331 Android apps with 60M+ downloads ran full-screen ads, stole credentials, and bypassed security in a large-scale ad fraud and phishing scheme.

Google announces agreement to acquire Wiz

- GCP security blogs - March 18, 2025

Google announces agreement to acquire Wiz. Learn how this acquisition will provide a unified security platform and protect against new threats.

How to Improve Okta Security in Four Steps

- thehackernews.com - March 18, 2025

While Okta provides robust native security features, configuration drift, identity sprawl, and misconfigurations can provide opportunities for attacke

BADBOX 2.0 botnet infects 1M+ Android devices for ad fraud, proxy abuse, and cybercrime, leveraging pre-installed malware and trojanized apps

MirrorFace targets an EU diplomatic group using ANEL and AsyncRAT, marking a shift in its cyber espionage tactics beyond Japan

Microsoft warns of StilachiRAT, a stealthy remote access trojan that steals credentials, crypto wallets, and system data while evading forensic detect

AWS Key Management Service (AWS KMS) is pleased to launch key-level filtering for AWS KMS API usage in Amazon CloudWatch metrics, providing enhanced visibility to help customers improve their operational efficiency and aid in security and compliance risk management. AWS KMS currently publishes account-level AWS KMS API usage metrics to Amazon CloudWatch, enabling you to monitor […]

A popular GitHub Action used in more than 23,000 code repositories has been compromised in a supply chain attack by attackers.

Apache Tomcat flaw CVE-2025-24813 is under active exploitation, enabling remote code execution via PUT requests.

Spoiler: Build flexible, maintainable systems that can adapt as the technology matures.

Thanks to everyone who joined us for the fifth annual AWS Pi Day on March 14. Since its inception in 2021, commemorating the Amazon Simple Storage Service (Amazon S3) 15th anniversary, AWS Pi Day has grown into a flagship event highlighting the transformative power of cloud technologies in data management, analytics, and AI. This year's […]

Sideko's platform automates API documentation and tools maintenance, helping enterprises scale API programs and prepare for AI integration.

Attending KubeCon + CloudNativeCon India 2024 in December was a milestone moment for me. After applying for a scholarship multiple times and not being selected for past events, I was thrilled to…

Learn how Cloud Storage's new hierarchical namespace (HNS) capability can help you maximize the performance and efficiency of your AI/ML workloads.

How gen AI powers up multiplayer games

- GCP containers blogs - March 17, 2025

A deep dive to integrating cutting-edge generative AI models into scalable multiplayer game servers powered by Google Kubernetes Engine (GKE) and Agones.

This post is written by Anton Aleksandrov, Principal Solution Architect, AWS Serverless and Rajesh Kumar Pandey, Principal Engineer, AWS Lambda AWS Lambda is a highly scalable and resilient serverless compute service. With over 1.5 million monthly active customers and tens of trillions of invocations processed, scalability and reliability are two of the most important service […]

The Cloud Native Computing Foundation (CNCF) and the Open Source Security Foundation (OpenSSF) are thrilled to introduce Open Source SecurityCon 2025—a premier event focused on strengthening cloud…

Unpatched Edimax IC-7100 flaw (CVE-2025-1316) exploited for Mirai botnet malware since May 2024, enabling DDoS attacks via default credentials.

Solo.io introduces a new project designed to help users build and run AI agents to speed up Kubernetes workflows.

Hackers exploit CSS in emails to bypass spam filters and track user actions, raising privacy concerns.

Critical router breaches, stealthy PyPI malware, powerful new ransomware decryptors—this week's top cyber threats decoded

66% of cloud storage buckets contain sensitive data, making them prime ransomware targets. Experts warn of attacks using AWS S3 and KMS features

GitHub Action tj-actions/changed-files was compromised, leaking CI/CD secrets. Users must update immediately to prevent unauthorized access.

Frankfurt am Main, Germany, 17th March 2025, CyberNewsWire

How to Run Docker in Rootless Mode

- thenewstack.io cloud-native - March 17, 2025

How to run Docker containers on Linux without root privileges.

The five DevOps job postings shared this week include opportunities at Spotify, Ace Hardware Corp., and Boeing Intelligence and Analytics.

Organizations are modernizing data platforms to use generative AI by centralizing data from various sources and streaming real-time data into data lakes. A strong data foundation, such as scalable storage, reliable ingestion pipelines, and interoperable formats, is critical for businesses to discover, explore, and consume data. As organizations modernize their platforms, they often turn to […]

AI in Network Observability: The Dawn of Network Intelligence

- thenewstack.io observability - March 16, 2025

Imagine a network in which AI isn't just a tool but an active participant, a digital colleague working alongside human engineers.

Amazon Web Services (AWS) now offers AWS managed notifications, a centralized way to manage and view default notifications in AWS User Notifications. Currently, only AWS Health events are available as managed notifications. With this new feature, you can stay informed about critical updates related to operations and account health. AWS User notifications channels include the […]

SRE Weekly Issue #468 – SRE WEEKLY

- sreweekly.com - March 16, 2025

The Growing Significance of Observability in Cloud Native Environments

- thenewstack.io observability - March 15, 2025

Security is no longer a separate function — it's becoming an integral part of observability.

Researchers uncovered 20 malicious PyPI packages stealing cloud credentials, downloaded 14,100+ times before removal.

This post is written by Sayan Chakraborty, Senior Solutions Architect, AWS Implementing a serverless architecture to detect absence of Guardrails in Amazon Bedrock inference API calls In today's rapidly evolving artificial intelligence (AI) landscape, organizations are increasingly harnessing the power of foundation models through Amazon Bedrock to build sophisticated generative AI applications. Although this technology […]

ClickFix: How to Infect Your PC in Three Easy Steps

- krebsonsecurity.com - March 14, 2025

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination…

Organizations today seek data analytics solutions that provide maximum flexibility and accessibility. Customers need their data to be readily available using their preferred query engines, and break down barriers across different computing environments. At the same time, they want a single copy of data to be used across these solutions, to track lineage, be cost […]

We compare OWASP's top 10 API security threats list to the security capabilities of Apigee. Here's how we hold up.

GSMA introduces end-to-end encryption for RCS using MLS, enhancing security for cross-platform messaging.

LockBit developer Rostislav Panev extradited to U.S. after aiding ransomware group's $500M cybercrime spree.

AWS Pi Day, an annual event commemorating the launch of Amazon S3 in 2006, has evolved from celebrating cloud storage milestones to showcasing cutting-edge developments in data management, analytics, and AI. In 2025, we're focused on unified data foundation for analytics and AI through new capabilities like S3 Tables, SageMaker Unified Studio, and Amazon Bedrock IDE.

Semaphore's CI/CD platform goes open source under Apache 2.0, offering DevOps professionals a scalable solution without vendor lock-in.

How Slack Transformed Cron into a Distributed Job Scheduler

- thenewstack.io kubernetes - March 14, 2025

With help from Kubernetes, Golang and Kafka, Slack's crontab drives 2,000 tasks an hour. Monster Scale Summit had all the details.

The consortium driving OpenStack this week agreed to become an arm of The Linux Foundation, part of an effort to drive more collaboration.

Join cybersecurity expert Joseph Carson for a live demo revealing how ransomware attacks unfold—and how to stop them.

Andelyn Biosciences enforced 2,700 security policies in weeks, achieving Zero Trust without network redesign.

MassJacker clipper malware hijacks cryptocurrency transactions, targeting piracy users via Pesktop[.]com, with attackers linked to 778K+ wallet addres

OBSCURE#BAT malware exploits fake CAPTCHA pages and malvertising to deploy rootkit r77, evading detection via registry modifications and AMSI patching

This blog was authored by Zakiya Randall, Technical Account Manager and co-written with Muru Bhaskaran, Sr. Specialist Solutions Architect. Introduction As the landscape of computing continues to evolve, there is a growing emphasis on supporting a diverse range of computing architectures. This shift is driven by the need for flexibility, efficiency, and performance optimization across […]

Managing large-scale data analytics across diverse data sources has long been a challenge for enterprises. Data teams often struggle with complex data lake configurations, performance bottlenecks, and the need to maintain consistent data governance while enabling broad access to analytics capabilities. Today, Starburst announces a powerful solution to these challenges by extending their Apache Iceberg […]

Amazon SageMaker Unified Studio is a single data and AI development platform that brings data together with analytics and AI/ML tools, including Amazon Bedrock and Amazon Q Developer, to streamline analytics and AI application development across virtually any use case.

The global race for AI dominance will not be won by those who innovate responsibly — building systems trusted by users worldwide.

Amazon S3 Tables integration with SageMaker Lakehouse enables unified access to S3 Tables data from AWS analytics engines like Amazon Athena, Redshift, EMR, and third-party query engines, to build securely and manage centrally.

Containerization offers organizations significant benefits such as portability, scalability, and efficient resource utilization. However, managing access control and authorization for containerized workloads across diverse environments—from on-premises to multi-cloud setups—can be challenging. This blog post explores four architectural patterns that use Amazon Verified Permissions for application authorization in Kubernetes environments. Verified Permissions is a scalable permissions management and fine-grained […]

Every day, I talk with security leaders who are navigating a critical balancing act. On one side, their organizations are moving faster than ever, adopting transformative technologies like generative AI and expanding their cloud footprint. On the other, they're working to maintain strong security controls and visibility across an increasingly complex landscape. We all know […]

This post was jointly authored by Elamaran Shanmugam (Senior Partner Specialist SA), Sanjeev Ganjihal (Senior Specialist SA), and Steven David (Principal SA). Introduction In this first part of a four-part series, titled Observability of MLOps on Amazon EKS, you get an overview of Machine Learning operations(MLOps) on Amazon Elastic Kubernetes Service(Amazon EKS). This includes understanding […]

Cycloid extended its platform for managing software engineering workflows to provide more control over how stacks are constructed.

Security must be embedded into each phase of the software development process.

Introducing Network Security Integration

- GCP networking blogs - March 13, 2025

Network Security Integration can help you integrate third-party network appliance or service deployments with your Google Cloud workloads.

Microsoft warns of a phishing campaign using ClickFix to spread malware via fake Booking.com emails. Attackers exploit fake CAPTCHA pages to steal cre

KoSpy spyware targets Android users via fake apps, collecting data while evading detection with Firestore.

Software development is undergoing a seismic shift, driven by the transformative impact of generative AI. This powerful technology is redefining how developers work, what they build, and who can become a developer. At the AWS Developer Day 2025, we discussed how AWS is empowering developers to embrace this evolution through their generative AI developer tools. […]

The Eclipse Foundation today made available an alpha release of an instance of its open source Theia IDE, that provides access to AI agents.

In the modern era of the software industry, microservice architecture and Kubernetes have become the globally adopted solution, for organizations looking for scalability and operational efficiency.

ruby-saml vulnerabilities (CVE-2025-25291, CVE-2025-25292) allow SAML authentication bypass (CVSS 8.8). Update to versions 1.12.4 or 1.18.0 now.

This article shares the latest trends and challenges in backup and disaster recovery by gathering data from over 3,000 IT pros worldwide. Learn more.

Cary, North Carolina, 13th March 2025, CyberNewsWire

A critical FreeType vulnerability (CVE-2025-27363) with a CVSS 8.1 score may be actively exploited—update to 2.13.3 now for protection.

Firefox users must update to version 128 before March 14 to prevent add-on failures and security risks.

Intelligent Continuous Security is the next evolution, harnessing AI-driven automation, real-time threat detection and continuous compliance.

SUSE Unveils Cloud Native Innovations at SUSECON 2025

- thenewstack.io cloud-native - March 12, 2025

SUSE is double-downing on its Rancher/StackState cloud native technologies in its drive to become a cloud native corporate power.

In this post we explore how you can use AWS Cloud WAN Connect with Generic Routing Encapsulation (GRE) Tunnels and Multi-protocol BGP (MP-BGP) for Equal Cost Multi-Path (ECMP) routing of IPv6 networks. We also cover route verification and failover testing best practices. Many Amazon Web Services (AWS) users are increasingly adopting IPv6 and Software-Defined Wide […]

The Missing Piece in Platform Engineering: Recognizing Producers

- thenewstack.io platform-engineering - March 12, 2025

You may find that focusing on your producer persona brings more platform capabilities and your customers happy.

Cycode has added a SAST tool to its ASPM platform that promises to reduce the number of false positives generated by rival tools.

Announcing Dapr AI Agents

- cncf.io - March 12, 2025

The Dapr project is excited to announce Dapr Agents, a framework for developers to simplify the creation of AI agents that reason, act, and collaborate using LLMs. Today, we are excited to announce…

It's now easier than ever for vulnerable organizations to apply to Project Shield, set up protection, and automate their defenses. Here's how

How To Configure Loki S3 For Log Storage

- devopscube.com - March 12, 2025

In this blog, we will look into setting up AWS S3 in Loki for storing its logs. We

UNC3886 exploits Juniper routers with six TinyShell-based backdoors, evading detection and maintaining persistence.

San Jose, United States / California, 12th March 2025, CyberNewsWire

Accessing the Kubernetes API for your clusters from anywhere or across any network is a powerful lever. It's even better if you can do so without shipping or extending more messy networks…

On February 14, Amazon Q Developer announced support for upgrades to Java 21. As a Java developer, I'm excited about this new capability, which will make it easier for me to keep my applications up-to-date and take advantage of the latest language features and performance improvements. In addition, the latest version of Amazon Q Developer […]

GreyNoise reports 400+ IPs exploiting multiple SSRF vulnerabilities, targeting cloud services and global networks. Patch now.

Microsoft fixes 57 security flaws, including six zero-days exploited in the wild. CISA mandates patches by April 1.

Pentesters: Is AI Coming for Your Role?

- thehackernews.com - March 12, 2025

AI is reshaping pentesting by automating tasks, enhancing efficiency, and empowering testers—without replacing them

To thrive in the AI-powered era, development teams need more than just automation; they need intelligent, integrated deployment platforms.

Apple patches WebKit zero-day CVE-2025-24201, exploited in sophisticated attacks before iOS 17.2. Update secures iOS, macOS, Safari, and Vision Pro.

On May 30th, 2025, the AWS Cloud Development Kit (CDK) will no longer support Node.js 14.x and 16.x, which reached end of life on 4/30/2023 (14.x) and 9/11/2023 (16.x). This change applies to all AWS CDK components that depend on Node.js, including the AWS CDK CLI, the Construct Library, and broader CDK ecosystem projects such […]

2025 is the year when NIS2 measures will start to bite. Is your platform team ready for the challenge? This post gives a brief overview of NIS2 in the context of platform engineering.

Dapr (Distributed Application Runtime) takes the pain out of building distributed applications by offering developers simple "building block" APIs to manage the challenges of connecting with complex…

Blind Eagle targeted 1,600 victims in Colombia using spear-phishing, exploiting CVE-2024-43451, and distributing malware via GitHub and Bitbucket.

Alleged Co-Founder of Garantex Arrested in India

- krebsonsecurity.com - March 11, 2025

Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the…

Operations, Code or Die - DevOps.com

- devops.com - March 11, 2025

Panelists anticipated that soon AI would take over coding, making the primary skill, the ability to articulate requirements to AI.

Sonar has revealed it will add an offering combining its SAST tool with the SCA tools it gained with the acquisition of Tidelift last year.

In this blog post, I dive into the powerful new features of Amazon Q Developer that empower developers to take full control of their development workflow. These features, currently available in Visual Studio Code, allow you to leverage workspace context, explicit context, prompt libraries, and project rules to streamline your software projects, maintain coding standards, […]

Ballista botnet exploits TP-Link router flaw CVE-2023-1389, infecting 6,000+ devices worldwide and evolving to use TOR.

Compliance isn't security. Adversarial Exposure Validation reveals exploitable vulnerabilities, helping teams cut through the noise and focus on real

How Adidas Drives Engineering Success, Including With GenAI

- thenewstack.io devops - March 11, 2025

From a cloud and microservices migration, to a platform engineering strategy, to now generative AI, Adidas aims to be an early adopter.

An analysis of public GitHub repositories finds 22.8 million hardcoded secrets, representing a 25% increase on the previous study.

Steganography Explained: How XWorm Hides Inside Images

- thehackernews.com - March 11, 2025

Cybercriminals use steganography to hide malware inside images, evading security tools and enabling stealthy attacks. Learn how to detect and prevent

Moxa fixes CVE-2024-12297, a critical PT switch flaw (CVSS 9.2) enabling authentication bypass. Users must update firmware or apply mitigation steps.

SideWinder APT expands attacks on maritime, nuclear, and IT sectors, rapidly modifying malware to evade detection.

CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

This post is co-authored by Grzegorz Kaczor and Daniel Steenbock from Hapag-Lloyd AG and Michael Graumann and Daniel Moser from AWS. Introduction In today's fast-paced digital landscape, efficient incident management is crucial for maintaining high-quality customer experiences. In our previous article we discussed how the Web and Mobile department at Hapag-Lloyd established observability for serverless […]

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

- krebsonsecurity.com - March 11, 2025

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation.

This post is written by Ninad Joshi, Senior Solutions Architect, Ballu Singh, Principal Solutions Architect, and Ankush Goyal, Enterprise Support Lead AWS. Introduction In today's cloud-first world, managing compute capacity efficiently while making sure of application availability is crucial for your business. Amazon EC2 On-Demand Capacity Reservations (ODCR) is a valuable tool for organizations looking […]

The ability to monitor and manage workloads in real-time is a foundational requirement for ensuring that you can meet your resilience objectives. Having visibility into key user activities and the performance of critical business functions, enables you to automate responses to events that can impact business operations. Effective monitoring is crucial for not only achieving […]

Modern applications often rely on public APIs to exchange information between trusted clients (such as mobile applications or web browsers) and services. Using a combination of Amazon Web Services (AWS) Edge Services (AWS WAF, AWS Shield Advanced, and Amazon CloudFront) allow Glovo to share how they protect their public-facing APIs from a variety of external […]

This blog was authored by Sriram Ranganathan, Senior Product Manager, AWS and Vikram Venkataram, Principal Solutions Architect, AWS. Introduction As part of AWS re:Invent 2023, Amazon Elastic Kubernetes Service (Amazon EKS) launched Amazon EKS Pod Identity, simplifying how you apply AWS Identity and Access Management (IAM) permissions to your Kubernetes cluster workloads. Some EKS add-ons, which enable […]

DeepSeek-R1 is now available as a fully managed model in Amazon Bedrock, freeing up your teams to focus on strategic initiatives instead of managing infrastructure complexities.

The most hybrid-friendly roles include Head of Platform Engineering and Data Engineer.

As the weather improves in the Northern hemisphere, there are more opportunities to learn and connect. This week, I'll be in San Francisco, and we can meet at the Nova Networking Night at the AWS GenAI Loft where we'll dive into the world of Amazon Nova foundation models (FMs) with live demos and real-world implementations. […]

Hackers use polymorphic browser extensions to mimic real add-ons, steal credentials, and hijack accounts. Affects Chrome, Edge, Brave, and more.

Strobelight: Meta's eBPF Profiler Framework for Massive Infra

- thenewstack.io observability - March 10, 2025

With eBPF, Meta's Strobelight profiler has monitored everything from the tiniest factors to the entire hypercloud.

Synopsys unveils an enhancement to its virtual prototyping suite that promises to transform how developers build software-defined products.

Falcoctl: Artifact Management for Falco

- cncf.io - March 10, 2025

Artifact management is the process of storing, organising, and securing the essential components generated throughout software development. Cloudsmith defines artifacts as the tangible outputs of the…

A new AsyncRAT malware variant has infected 900 victims in MENA via Facebook ads and Telegram links.

We're thrilled to share that the Cloud Native Computing Foundation has once again been accepted as a Google Summer of Code (GSoC) mentoring organization for 2025! This program is a fantastic…

Setup OpenVPN Server In EC2 For Secure AWS Access

- devopscube.com - March 10, 2025

In this blog, we will learn how to Setup OpenVPN Server in EC2 instance. The OpenVPN server will

Intelligent applications transform how we interact with technology, beyond traditional software to create intuitive and efficient systems.

Why The Modern Google Workspace Needs Unified Security

- thehackernews.com - March 10, 2025

Google Workspace security demands a unified approach—eliminate blind spots, automate remediation, and stop threats before they strike.

State-sponsored hacking, IoT botnets, ransomware shifts—this week's cyber roundup covers it all. Stay informed, stay secure. Read now

Check out this week's DevOps job opportunities, including roles at Recruitment Room America, Intel and MAXAR Technologies.

GitHub enhances the pull request experience with logical check grouping, improved rule enforcement and better accessibility.

SilentCryptoMiner infects 2,000 users by posing as a restriction bypass tool, leveraging YouTube and Telegram for distribution.

Create a Samba Share and Use From in a Docker Container

- thenewstack.io containers - March 09, 2025

How to install Samba and configure it such that it can be used for sharing files to your network from a Linux server.

Paxos made visual in FizzBee

- surfingcomplexity.blog - March 09, 2025

Unfortunately, Paxos is quite difficult to understand, in spite of numerous attempts to make it more approachable. — Diego Ongaro and John Ousterhout, In Search of an Understandable Consensus Algor…

SRE Weekly Issue #467 – SRE WEEKLY

- sreweekly.com - March 09, 2025

It's been awhile since we've seen any updates from the

Vulnerability-Free Java Containers: A Practical Guide

- thenewstack.io containers - March 08, 2025

Selecting the right base image is crucial for securing Java applications in containerized environments.

Introduction The AWS WAF Bot Control rule group includes rules for detecting and managing bot threats. These threats range from easily identified common bots through to coordinated targeted bots that evade detection by operating across multiple hosts. Like any other security controls, Amazon Web Services (AWS) WAF Bot Control for Targeted Bots rules can also […]

Application performance monitoring (APM) was built for a world that no longer exists—where applications ran in controlled environments.

A survey of 700 U.S. and UK engineering leaders and developers finds a lack of visibility into the consumption of cloud infrastructure.

Kubernetes History Inspector (KHI) visualizes cluster logs

- GCP containers blogs - March 07, 2025

Kubernetes History Inspector, or KHI, analyzes logs, extracts state information for each component, and visualizes it in a chronological timeline.

AI Hypercomputer: 4 use cases, tutorials, and guides

- GCP compute blogs - March 07, 2025

Discover use cases for efficient inference, large training clusters, high reliability & easy setup on AI Hypercomputer. Includes tutorials & guides.

DeepSource has made available an open source static code analysis tool, dubbed Globstar, that DevSecOps can employ to embed code checkers.

Infrastructure as Code (IaC) has become the standard for managing cloud infrastructure, but it introduces significant challenges, particularly around security and compliance.

New Relic's Intelligent Observability Platform Is Ambitious

- thenewstack.io observability - March 07, 2025

New Relic's new observability platform uses AI to help integrate AI agents, summarize telemetry data, offer predictions about performance issues and more.

Ragnar Loader malware enables ransomware groups to maintain stealthy access, evade detection, and execute remote control operations.

Welcome StrimziCon 2025!

- cncf.io - March 07, 2025

We are very pleased to announce the return of StrimziCon, scheduled later this year! After the huge success of StrimziCon 2024, the Strimzi community decided to repeat the event for 2025.

Microsoft exposes a malvertising campaign impacting 1M+ devices, using GitHub, PowerShell, and RATs for data theft.

The attacker published at least seven malicious packages on the Go Module Mirror that, if installed, will deliver a backdoor.

Discover how ASPM unifies code insights and runtime data to close security gaps and prevent threats. Join Palo Alto Networks' webinar to learn more.

PCI DSS v4 introduces strict script security and monitoring mandates. Learn how A&F tackled compliance to avoid $100,000/month fines.

Malicious PyPI package set-utils steals Ethereum private keys, exfiltrating them via Polygon RPC to evade detection.

U.S. and Europol seize Garantex website, citing darknet ties. Tether blocks wallets worth 2.5B rubles.

Bybit's $1.5B crypto heist linked to North Korean hackers. 77% of funds remain traceable, while Web3 losses hit $1.6B in 2025

A critical vulnerability has been discovered in Perforce software, allowing attackers to gain full administrative access to systems worldwide

Hackers exploit CVE-2024-4577 to breach Japanese firms, leveraging Cobalt Strike, PowerShell, and advanced persistence techniques.

Feds Link $150M Cyberheist to 2022 LastPass Hacks

- krebsonsecurity.com - March 07, 2025

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

The open-source container orchestration system for automating software deployment, scaling, and management has earned a bad rep for being too complicated. In this post, let's explore whether that…

Kubestronaut in Orbit: Gerardo López

- cncf.io - March 06, 2025

Gerardo is a passionate Cloud Native Advocate, Kubernetes expert, and Docker Captain with a strong focus on DevOps, software development, and security. Based in Costa Rica, he has earned several…

OpenTelemetry Opens the Door for Observability Startups

- thenewstack.io observability - March 06, 2025

Observablity has moved on from just metrics, logs and traces. OTel has made it easier to make sense of telemetry data and enabled more new players.

This post written by Ben Freiberg, Senior Solutions Architect. AWS Step Functions introduces an enhanced local IDE experience to simplify building state machines. Workflow Studio is now available within Visual Studio Code (VS Code) through the AWS Toolkit extension. With this integration, developers can author and edit state machines in their local IDE using the […]

Moving computation closer to the data is an old conversation; what's new is moving system intelligence closer to the data.

A survey of 731 developers, team leads, managers and executives who work with Java pinpoints inhibitors of Java developer productivity.

Datastream extracts Salesforce Data cloud data

- GCP storage blogs - March 06, 2025

Datastream, a change data capture (CDC) service, connects to Salesforce, captures changes, and delivers them to BigQuery, Cloud Storage, etc.

Amazon GameLift Streams is a new managed capability that enables game developers to deliver high-quality game streaming experiences through web browsers on virtually any device, with support for 1080p/60fps gameplay and flexible scaling options.

Dynatrace's acquisition of Metis brings AI-powered database observability to DevOps teams, enhancing troubleshooting and optimization.

Earlier today, Amazon Q Developer announced an enhanced CLI agent within the Amazon Q command line interface (CLI). With this announcement, Q Developer brings the latest agentic experience to the CLI that provide a more dynamic, interactive coding experience that works with you, and iteratively makes changes based on your feedback. Amazon Q Developer can […]

How a DevEx Initiative Aims To Save 500,000 Developer Hours

- thenewstack.io platform-engineering - March 06, 2025

Block, which includes brands like Square and Cash App, has embarked on an effort to help its 4,000-plus engineers get more productive as the company scales.

AI Cloud: What, Why, and How?

- cncf.io - March 06, 2025

The rapid growth of AI applications across industries has led to significant changes, particularly with the adoption of deep learning and generative AI, which provide a competitive advantage in…

Co-chairs: Michael Beemer, Jonathan Norris, Thomas Poignant April 1, 2025 London At the OpenFeature Summit, we want attendees to leave with a deep understanding of the latest trends and real-world use…

Elastic patched a critical Kibana flaw (CVE-2025-25012, CVSS 9.9) enabling arbitrary code execution. Update to version 8.17.3 now.

Why Is Multicloud Observability So Expensive?

- thenewstack.io observability - March 06, 2025

Organizations are struggling with escalating observability costs due to the explosion of data in cloud native environments, prompting a search for cost-effective solutions.

EncryptHub expands phishing and ransomware tactics, leveraging PPI services, trojanized apps, and EncryptRAT to target high-value victims.

Medusa ransomware surged 42% in 2024, claiming nearly 400 victims. Spearwing exploits Microsoft flaws to breach networks

Outsmarting Cyber Threats with Attack Graphs

- thehackernews.com - March 06, 2025

Attack graphs provide continuous visibility into attack paths, enabling proactive threat detection and risk mitigation.

Making the Fediverse More Accessible With Claude 3.7 Sonnet

- thenewstack.io networking - March 06, 2025

How Claude's Sonnet LLM and ChatGPT helped simplify connections between decentralized and centralized social networks.

Over 1,000 WordPress sites infected with JavaScript backdoors, enabling persistent access and malware deployment.

U.S. charges 12 Chinese nationals in a cyber espionage case linked to PRC's MPS, MSS, and APT27.

Google Cloud launches 42nd cloud region in Sweden

- GCP infra blogs - March 06, 2025

Google Cloud is excited to announce the launch of its 42nd cloud region in Sweden.

Who is the DOGE and X Technician Branden Spikes?

- krebsonsecurity.com - March 06, 2025

At 49, Branden Spikes isn't just one of the oldest technologists who has been involved in Elon Musk's Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla…

How to Avoid Core Services Chaos in Kubernetes

- thenewstack.io devops - March 05, 2025

Kubernetes Pro Tip: Investing in automation, enforcing consistency, and adopt fleet management strategies.

WanAware: 21 Packets' Affordable Observability Play

- thenewstack.io observability - March 05, 2025

WanAware emerges from 21Packets' infrastructure to offer a cost-effective observability platform that simplifies telemetry integration and scales to handle global deployments with fewer personnel.

This post was jointly authored by Kevin Liu (Senior PMT), Jens-Uwe Walther (Senior STAM-Containers), and Drew Sirenko (Software Dev Engineer). Introduction In this post, we explore how to modify Amazon Elastic Block Store (Amazon EBS) volumes on Kubernetes without application downtime. Learn how to use the VolumeAttributesClass API alongside the Amazon EBS Container Storage Interface […]

We're excited to announce that Amazon Web Services (AWS) has completed the annual Dubai Electronic Security Centre (DESC) certification audit to operate as a Tier 1 Cloud Service Provider (CSP) for the AWS Middle East (UAE) Region. This alignment with DESC requirements demonstrates our continued commitment to adhere to the heightened expectations for CSPs. Government […]

AI-driven security tools enable faster threat detection while reducing the workload on developers.

Silk Typhoon exploits zero-day vulnerabilities, stolen API keys, and cloud services to infiltrate IT supply chains and government networks worldwide.

Metrics, logs, traces and profiles hold information that businesses need to run more cost-effective and resilient infrastructure.

Defending against USB drive attacks with Wazuh

- thehackernews.com - March 05, 2025

USB attacks exploit common devices to spread malware. Wazuh detects threats like Stuxnet and Raspberry Robin across OS platforms.

Dark Caracal APT deploys Poco RAT malware in Latin America, targeting enterprises via phishing lures. Attackers use .REV archives to evade detection.

Introducing AI Protection: Security for the AI era

- GCP security blogs - March 05, 2025

Google Cloud's new AI Protection safeguards AI workloads and data across clouds and models - no matter the platform. Here's how it can help your team.

As the de facto standard in cloud-native batch computing, Volcano has been widely adopted across various scenarios, including AI, Big Data, and High-Performance Computing (HPC).

Google introduces AI scam detection for Android, flagging fraudulent calls and texts in real time.

The global cloud native community thrives on diversity and collaboration, bringing together contributors, users, and enthusiasts worldwide. As we continue to grow and expand, we are committed to…

Observability has evolved beyond traditional monitoring, integrating AI, automation, and security. Initially, monitoring focused on collecting logs and metrics separately, often leading to silos and…

LCNC platforms now enable organizations to implement CI/CD enabling people with little coding experience to build and modify applications.

Identity: The New Cybersecurity Battleground

- thehackernews.com - March 05, 2025

80% of breaches stem from compromised Identity credentials. Learn why centralizing Identity is crucial for security resilience.

Lotus Panda targets Asian government and media sectors with new Sagerunex backdoor variants using Dropbox, X, and Zimbra for covert operations.

Attackers are using typosquatted Go packages to deploy malware on Linux and macOS, targeting financial developers.

In this blog, you will learn how to use the AWS SSM(Systems Manager) to access the Private EC2

This post was jointly authored by Praseeda Sathaye (Principal Solutions Architect, Containers & OSS), AJ Davis (AWS Enterprise Support) and Arvind Viswanathan (Principal Solutions Architect). Introduction In the rapidly evolving world of containerized applications, maintaining resilience and observability across Kubernetes environments has become a critical challenge. As organizations increasingly adopt Amazon Elastic Kubernetes Service (Amazon […]

Rethinking Kubernetes Multitenancy: A Smarter Approach for Platform Engineers

- thenewstack.io platform-engineering - March 04, 2025

By virtualizing Kubernetes, platform engineers can streamline operations and reduce infrastructure sprawl.

This post is written by Mark Nguyen, Principal Solutions Architect, AWS and Ryan Fillis, Solutions Architect, AWS. AWS Outposts brings native AWS services, infrastructure, and operating models to virtually any data center, co-location space, or on-premises facility. Deploying Outposts servers in your environment necessitates additional considerations regarding local network connectivity and Amazon Elastic Compute Cloud […]

As we dive into 2025, we're thrilled to announce our latest group of AWS Heroes! These exceptional individuals have demonstrated outstanding expertise and innovation, and are committed to sharing knowledge. Their contributions to the AWS community are greatly appreciated, and today we're excited to celebrate them. Ahmed Bebars – New Jersey, USA Container Hero Ahmed […]

We're pleased to announce that Google Cloud has been recognized as a Leader in The Forrester Wave™: Data Security Platforms, Q1 2025 report.

Boston and Tel Aviv, United States, 4th March 2025, CyberNewsWire

Black Basta and CACTUS ransomware groups share the BackConnect module, suggesting a shift in affiliations.

Couchbase Edge Server Cuts Hardware Needs

- thenewstack.io edge-computing - March 04, 2025

Lightweight database server and sync solution delivers offline-first computing with minimal hardware requirements.

Are Your Apps Truly Nomadic?

- thenewstack.io edge-computing - March 04, 2025

With edge-native computing and multiregion, multicloud, multi-edge deployments, we've entered the age of the location-independent nomadic apps.

Co-chairs: Rajas Kakodkar, Ricardo Rocha, Thiago Gil, Yuan Tang April 1, 2025 London Cloud Native & Kubernetes AI Day brings together a diverse range of technical enthusiasts, open source contributors…

Broadcom patches three actively exploited VMware flaws, including a critical (CVSS 9.3) bug enabling code execution. Update now for protection.

Moderne today added an artificial intelligence (AI) agent to its platform for refactoring codebases residing in multiple repositories.

For over a decade, the Open Networking & Edge Summit has been the premier gathering for leaders in open networking, edge, cloud, and IoT industries. It's a unique event that fosters a neutral…

AI-powered credential stuffing could worsen in 2025, as attackers scale automation to breach accounts. Defending identity security is now more critica

Hackers used a compromised Indian electronics firm's email to deliver a Golang backdoor in a UAE-targeted phishing campaign.

Cybercriminals exploit ISPs in China and the U.S. West Coast, deploying info stealers, crypto miners, and brute-force tools on over 4,000 IPs.

Now that IBM has completed the acquisition of HashiCorp the focus will now shift toward integration, development and deployment.

Quesma, Alibaba and Datadog: A collaboration that promises to revolutionize how developers implement observability in Go applications.

CISA adds five exploited vulnerabilities to its KEV catalog, including flaws in Cisco, Microsoft, and Progress software.

Google's March 2025 Android Security Bulletin fixes 44 vulnerabilities, including two actively exploited flaws.

Businesses are increasingly adopting real-time data processing to stay ahead of user expectations and market changes. Industries such as retail, finance, manufacturing, and smart cities are using streaming data for everything from optimizing supply chains to detecting fraud and improving urban planning. The ability to use data as it is generated has become a critical […]

Developers aren't being replaced but empowered—AI tools optimize workflows, accelerate testing, and improve code quality.

San Francisco, California, 3rd March 2025, CyberNewsWire

Amazon Web Services (AWS) is headed to London for KubeCon + CloudNativeCon Europe 2025. Join us at Booth S300 in Excel London from April 1-4 to discover our latest innovations and learn how our customers, partners, and community members are transforming their businesses with Kubernetes. Experience hands-on demonstrations of AWS solutions that simplify Kubernetes operations, […]

JavaGhost exploits AWS misconfigurations to run phishing campaigns via SES and WorkMail, evading email protections

I have fond memories of the time I built an application live at the AWS GenAI Loft London last September. AWS GenAI Lofts are back in locations such as San Francisco, Berlin, and more, to continue providing collaborative spaces and immersive experiences for startups and developers. Find a loft near you for hands-on access to […]

Amazon Bedrock Data Automation streamlines the extraction of valuable insights from unstructured multimodal content (documents, images, audio, and videos) by providing a simplified way to build intelligent document processing and media analysis solutions, while offering both standard and custom output configurations through blueprints.

Opus Security today unveiled a platform that employs AI agents to its vulnerability management platform, trained to discover known issues.

The OpenSSF has launched an initiative to provide maintainers of open source software projects with a set of baseline security requirements.

The OpenTelemetry community is excited to announce the beta release of the OpenTelemetry Go Auto-Instrumentation project! This milestone brings us closer to our mission of making observability simple…

Data on Kubernetes is a growing field, with databases, object stores, and other stateful applications moving to the platform. The Data Protection Working Group focuses on data availability and…

Phippy and Friends have long been a beloved part of the cloud native ecosystem, making complex technologies more approachable through storytelling. As interest in these books grows…

U.K. ICO launches investigations into TikTok, Reddit, and Imgur over concerns about children's data privacy and online safety compliance

Threat actors use ClickFix to spread Havoc C2 malware via SharePoint and Microsoft Graph API, while scammers exploit Google Ads to target PayPal users

Paragon Software patches CVE-2025-0289, a zero-day flaw in BioNTdrv.sys, exploited for privilege escalation and ransomware

Landing Zone Accelerator on AWS (LZA) enables customers to deploy a flexible, configuration-driven solution to establish a landing zone while also leveraging AWS Control Tower. At AWS Professional Services, we've helped customers deploy and configure LZA hundreds of times. A common request we encounter is integrating LZA configuration into customers' existing GitOps workflows. GitOps has […]

Get exclusive insights on cyber attacks—including expert analysis on zero-day exploits, AI breaches, and crypto hacks—in our free newsletter.

By adopting an AI API management strategy, organizations can harness AI's full potential while maintaining compliance and efficiency.

Against a backdrop of escalating threats and costly consequences, organizations need a comprehensive, multilayered approach to API security.

The New Ransomware Groups Shaking Up 2025

- thehackernews.com - March 03, 2025

Ransomware attacks rose 11% in 2024, with 5,414 incidents and 46 new groups emerging. RansomHub led with 531 attacks.

The five DevOps engineer job postings shared this week include roles at Cox Communications, Whatnot and AccreteAI.

Discover how Anthropic's Claude Code brings AI-powered development capabilities to your terminal, streamlining DevOps workflows.

Vo1d botnet infects 800K+ Android TVs daily, peaks at 1.59M devices, with India's cases surging 18-fold. Experts warn of escalating cyber threats.

Locks, leases, fencing tokens, FizzBee!

- surfingcomplexity.blog - March 03, 2025

FizzBee is a new formal specification language, originally announced back in May of last year. FizzBee's author, Jayaprabhakar (JP) Kadarkarai, reached out to me recently and asked me what I …

Kubernetes And DevOps Job Market in 2025

- devopscube.com - March 03, 2025

In this Kubernetes and DevOps job market blog, we will look into the top DevOps tools, popular certifications,

SRE Weekly Issue #466 – SRE WEEKLY

- sreweekly.com - March 02, 2025

Mozilla updates Firefox Terms of Use again after privacy concerns over broad data rights language. Company clarifies no ownership over user content

One of the most notorious providers of abuse-friendly "bulletproof" web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned.

42 Experts, One Mission: Advancing Platform Engineering

- thenewstack.io platform-engineering - February 28, 2025

Platform engineering experts unite through PlatformEngineering.org's Ambassador Program to share knowledge, mentor newcomers, and drive innovation at the edge of developer productivity.

The Modern CDN Means Complex Decisions for Developers

- thenewstack.io edge-computing - February 28, 2025

Web hosting used to be simple. But distributing, securing and optimizing apps and sites relies on a mix of infrastructure and cloud services.

Cellebrite's zero-day exploit bypassed an Android lock screen to access a Serbian activist's phone. Amnesty links attack to Linux kernel flaws.

Post-quantum cryptography may seem like the future's problem, but it will soon be ours if IT doesn't move faster, explains Google Cloud's Christiane Peters.

Responding to security findings is important for maintaining the security posture of your Amazon Web Service (AWS) environment. By promptly addressing identified vulnerabilities, misconfigurations, or potential threats, you can mitigate risks, protect your data and resources, and help ensure compliance with industry standards and regulatory requirements. As shown in Image 1, effective incident response follows a […]

Edge Wars Heat Up as Arm Aims to Outflank Intel, Qualcomm

- thenewstack.io edge-computing - February 28, 2025

Arm's v9 platform redefines edge computing with billion-parameter AI models, microcontroller elimination, and seamless integration with leading frameworks for developers pushing AI to the extreme edge.

How dynamic 5G services are possible with AI

- GCP networking blogs - February 28, 2025

With intent-based service management, 5G network resources can scale and adjust dynamically according to real-time demand defined by business and user intent.

Cybercriminals use fake CAPTCHAs in phishing PDFs to spread Lumma Stealer, targeting 7,000+ users via Webflow, GoDaddy, and YouTube

Hackers now scan port 1098 to exploit RDP vulnerabilities, targeting 740,000 IPs daily. Microsoft patches two critical flaws. Protect your business no

Orchestrate Cloud Native Workloads With Kro and Kubernetes

- thenewstack.io kubernetes - February 28, 2025

Learn about the Kubernetes Resource Orchestrator here: We define a Resource Graph Definition for WordPress and deploy multiple instances by creating them as Kro applications.

Microsoft identifies four cybercriminals behind Storm-2139, an AI abuse scheme exploiting Azure OpenAI services for illicit content.

This article addresses the advantages, obstacles and opportunities concerning blending and integrating generative AI with DevOps.

Nearly 12,000 live secrets found in LLM training data, exposing AWS, Slack, and Mailchimp credentials—raising AI security risks.

Sticky Werewolf deploys Lumma Stealer via phishing attacks in Russia and Belarus, stealing credentials, banking data, and cryptowallet information.

Amazon Web Services (AWS) successfully completed an onboarding audit with no findings for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, and Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. EY CertifyPoint auditors conducted the audit and reissued the certificates on February 19, 2025. The objective was to assess the level of […]

This post is written by Smriti Ohri, Senior Product Manager, EC2 and Omar Chehab, Senior Product Manager, AWS Marketplace. At re:Invent 2024, Amazon Web Services (AWS) announced the availability of third-party EC2 Image Builder components in AWS Marketplace. EC2 Image Builder is a fully managed service that streamlines the customization, testing, distribution, and lifecycle management […]

StarlingX 10: Support for Dual-Stack Networking at the Edge

- thenewstack.io edge-computing - February 27, 2025

StarlingX, the open source distributed cloud platform, has officially launched its much-anticipated version 10.0.

Boost Your CI/CD Pipeline: Automate Docker With GitHub Actions

- thenewstack.io devops - February 27, 2025

Learn how to automate Docker workflows using GitHub Actions for faster deployment.

Carving Relevance Cost-Effectively From Observability Data

- thenewstack.io devops - February 27, 2025

San Francisco-based startup Sawmills helps companies dig out from their overwhelming mounds of telemetry readings and control their budgets.

Standards are only useful if they're widely adopted, and adoption is only effective if the available tooling facilitates it. I imagine SI units would not have been too popular when they were…

Winos 4.0 malware, deployed via phishing emails impersonating Taiwan's tax authority, steals data through keylogging, clipboard monitoring, and remote

Introduction AWS services generate rich log and metric data, enabling you to create comprehensive dashboards that reveal valuable insights, including detailed visibility into Virtual Private Cloud (VPC) connectivity patterns. This post demonstrates how Amazon QuickSight and Amazon Q in QuickSight enable data visualization from any source. We focus on visualizing connectivity patterns in VPCs to showcase the […]

Apollo GraphQL has delivered on its promise to integrate REST application programming interfaces, also added a query planner to Router 2.0.

Space Pirates deploys LuckyStrike Agent malware to infiltrate Russian IT networks, using OneDrive for C2 and evading detection for 19 months.

90% of enterprise GenAI usage bypasses IT oversight, exposing organizations to data leaks and security risks.

TgToxic malware evolves with advanced anti-analysis, DGA-based C2, and global expansion, targeting banking and crypto users

PolarEdge botnet exploits unpatched Cisco router flaw to infect 2,017 devices globally, using a TLS backdoor and FTP payloads tied to Huawei Cloud.

F5 launches a converged Application Delivery and Security Platform, empowering teams to manage hybrid multicloud and AI-driven workloads.

Chinese AI startup DeepSeek introduced discounted off-peak pricing for developers looking to use its AI models.

FBI confirms North Korea's Lazarus Group stole $1.5B from Bybit, surpassing 2024's total crypto heists. Investigations reveal a supply chain attack vi

This post discusses my current small business setup as the most cost-effective web and email hosting solution

Today, we're excited to announce that AWS Chatbot has been renamed to Amazon Q Developer, representing an enhancement to developer productivity through generative AI-powered capabilities. This update represents more than a name change – it's an enhancement of our chat-based DevOps capabilities. By combining AWS Chatbot's proven functionality with Amazon Q's generative AI capabilities, we're […]

Observability: Do You Need a Data Lake?

- thenewstack.io observability - February 26, 2025

Data lakes can gather and integrate data to help gain analytical insights and improve business operations. But observability doesn't always require them.

Many organizations use third-party Cloud Security Posture Management (CSPM) tools (for example Wiz.io) to continuously detect and remediate misconfiguration from build time to runtime across hybrid clouds such as AWS. CSPM tools often use AWS resource tags to enhance their security and compliance monitoring capabilities. Tags are key-value pairs that you can assign to AWS resources […]

Kubescape becomes a CNCF incubating project

- cncf.io - February 26, 2025

The CNCF Technical Oversight Committee (TOC) has voted to accept Kubescape as a CNCF incubating project. Kubescape is an open-source Kubernetes security project designed to offer comprehensive…

An XSS vulnerability in Krpano was exploited to hijack 350+ websites, manipulating search results for spam ads. The latest update mitigates the risk.

Inter-network communication design with ncc vpc peering

- GCP networking blogs - February 26, 2025

How to use Cross-Cloud Network to design inter-network communication architectures with Network Connectivity Center or VPC peering.

Kubestronaut in Orbit: Samah Eddaoudi

- cncf.io - February 26, 2025

This week's Kubestronaut in Orbit is Samah Eddaoudi! As a recent graduate in networks and telecommunications, Samah transitioned into the field of DevOps and cloud engineering, building on her strong…

Kubernetes Operator for PostgreSQL Hits the CNCF Sandbox

- thenewstack.io cloud-native - February 26, 2025

EnterpriseDB's CloudNativePG, a Kubernetes operator for PostgreSQL, has been accepted into the CNCF sandbox, simplifying database management within Kubernetes environments by automating high availability and failover.

Legit Security this week added an ability to determine the level of risk a vulnerability actually represents to its ASPM platform.

Leaked Black Basta chat logs expose internal conflicts, $107M in ransom earnings, and new attack tactics. Key members defect, leaving victims without

Kubescape Achieves CNCF Incubation Status

- thenewstack.io kubernetes - February 26, 2025

The Cloud Native Computing Foundation has promoted Kubescape, an open source Kubernetes security project, to incubation status.

An analysis of commercial codebases finds 86% of commercial codebases evaluated contained open-source software vulnerabilities.

AI-driven SOC 3.0 automates 100% of alerts, cuts response time from days to minutes, and enables proactive threat detection—reducing costs and analyst

Auto-Color Linux malware targets governments and universities, using stealth tactics and encryption to evade detection and maintain persistence.

Malicious Python package "automslc" (104K+ downloads) enables Deezer piracy, bypassing API restrictions and linking to a C2 server.

CERT-UA warns of UAC-0173 phishing deploying DCRat via Cloudflare R2, using RDP exploits, FIDDLER, and SENDMAIL to target Ukrainian notaries.

Hackers crack passwords using brute force, dictionary, and rainbow table attacks. Protect data with MFA, strong hashing, and complex passwords

New research analyzing code reveals AI tools may accelerate development but potentially at the expense of maintainable, quality code.

Google launches free version of Gemini Code Assist, offering AI-powered coding and GitHub reviews for individuals and teams.

CISA adds Microsoft Partner Center and Zimbra ZCS flaws to its KEV catalog, citing active exploitation. Federal agencies must patch by March 18 to mit

A U.S. Army soldier who pleaded guilty last week to leaking phone records for high-ranking U.S. government officials searched online for non-extradition countries and for an answer to the question "can hacking be treason?" prosecutors in the case said Wednesday.…

AI in Dev Tools: Accelerating, but Learning the Limits

- thenewstack.io devops - February 25, 2025

Companies must navigate a complex interplay of innovation, regulation, and workforce evolution as technology advances.

Introduction Unlike traditional VPN-based approaches, AWS Verified Access evaluates multiple dimensions of access, including user identity, device posture, and application-specific policies. This means organizations can ensure that only fully authenticated and authorized users can access sensitive resources, regardless of their physical network location. The result is a more flexible, secure, and manageable approach to enterprise […]

New Relic today added additional capabilities to its observability platform, including RAG tools, which are all enabled by AI.

The CNCF Kubernetes Policy Working group (WG) has just released the Shift Down Security paper to help educate the community about how organizations can leverage cloud native security best practices to…

LightSpy malware now supports 100+ commands across platforms, targeting Facebook and Instagram data while expanding operational control.

Ghostwriter deploys malware-laced Excel files, steganography, and obfuscated macros to target Ukraine and Belarus.

Docker has revised its previously announced pull limits and eliminated consumption-based charges for image pulls.

Teleport today added an offering that makes it simpler to declaratively secure IT infrastructure and workloads.

The DeceptiveDevelopment operation targets freelance developers with bogus hiring processes to steal crypto and login information.

Cary, NC, 25th February 2025, CyberNewsWire

The key selections of AI/ML integration in CI/CD pipelines assist through automating test cases, analytics and self-healing principles.

5 Active Malware Campaigns in Q1 2025

- thehackernews.com - February 25, 2025

NetSupport RAT spread via fake CAPTCHAs, Lynx stole 170GB, and AsyncRAT used Python payloads in Q1 2025.

A large-scale malware campaign exploited a vulnerable Windows driver to bypass security and deploy HiddenGh0st RAT.

GitVenom malware on GitHub stole $456K in Bitcoin via fake projects, hijacking wallets and banking data.

New OpenAI research shows AI models like Claude 3.5 solve fewer than half of real-world software engineering tasks from a $1M benchmark.

FatalRAT malware is targeting APAC industries via phishing, using Chinese cloud services for stealthy multi-stage infection

CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to KEV catalog, urging agencies to patch by March 17, 2025, to prevent exploitation

Organizations seeking to adhere to the Canadian Centre for Cyber Security (CCCS) Protected B High Value Assets (PBHVA) overlay requirements can use the Landing Zone Accelerator (LZA) on AWS solution with the CCCS Medium configuration to accelerate their compliance journey. To further support customers, AWS recently collaborated with Coalfire to assess and verify the LZA […]

Claude 3.7 Sonnet hybrid reasoning model is Anthropic's most intelligent model to date excelling at coding and powering AI agents. It is the first Claude model to offer extended thinking—the ability to solve complex problems with careful, step-by-step reasoning.

Edge Computing Gets Supercharged with Intel's New SoC

- thenewstack.io edge-computing - February 24, 2025

Intel's new Xeon 6 SoC consolidates edge computing power into a single chip for developers in an increasingly AI-driven environment.

As your Amazon Web Services (AWS) environment grows, you might develop a need to grant cross-account access to resources. This could be for various reasons, such as enabling centralized operations across multiple AWS accounts, sharing resources across teams or projects within your organization, or integrating with third-party services. However, granting cross-account access requires careful consideration […]

Observability Can Get Expensive. Here's How to Trim Costs

- thenewstack.io observability - February 24, 2025

Do you need all the data your telemetry pipeline collects? Do you need to store it all? These are some of the questions your organization must answer.

AWS Developer Day 2025, held on February 20th, showcased how to integrate responsible generative AI into development workflows. The event featured keynotes from AWS leaders including Srini Iragavarapu, Director Generative AI Applications and Developer Experiences, Jeff Barr, Vice President of AWS Evangelism, David Nalley, Director Open Source Marketing of AWS, along with AWS Heroes and technical […]

Surging since January 2025, ACR Stealer exploits cracked software to steal credentials, leveraging dead drop resolvers via Google Forms and Telegram.

New Cloud Trace features to troubleshoot latency and errors

- GCP devops/sre blogs - February 24, 2025

New UI features in Cloud Trace, part of Google Cloud Observability, make it easier to troubleshoot latency and errors in your applications.

Many customers want to seamlessly integrate their on-premises Kubernetes workloads with AWS services, implement hybrid workloads, or migrate to AWS. Previously, a common approach involved creating long-term access keys, which posed security risks and is no longer recommended. While solutions such as Kubernetes secrets vault and third-party options exist, they fail to address the underlying […]

Kubernetes is the de facto standard for container orchestration, but managing a complete infrastructure efficiently remains a significant challenge. Without a standardized approach…

GitLab is now making generally available an edition of the company's Duo DevOps platform infused with AI for self-hosted IT environments.

Ransomware attacks happen in three stages. Detect shadow copy deletion, process injection, and security service terminations early to stop encryption

Get the scoop on cyber heists, AI scam secrets, and game-changing data protection shifts in our weekly recap. Stay ahead of the threats—dive in now

Google Cloud KMS adds NIST post-quantum cryptography, enabling quantum-safe digital signatures for future-proof encryption.

Australia bans Kaspersky software over national security risks, mandating full removal by April 1, 2025. The move follows similar U.S. restrictions.

Five Great DevOps Job Opportunities - DevOps.com

- devops.com - February 24, 2025

The five DevOps job opportunities posted this week are all engineer roles and companies include Costco wholesale and Northrop Grumman.

AWS CloudTrail Lake introduces powerful new features to help you analyze and investigate your AWS activity logs more efficiently. New capabilities include enhanced event filtering, AI-powered natural language querying, AI-powered query result summarization, cross-account sharing of event data stores, and comprehensive dashboard capabilities. These enhancements enable deeper insights and faster investigations while providing greater control over data ingestion costs and analysis, making it easier than ever to monitor and secure your AWS environments.

Trump 2.0 Brings Cuts to Cyber, Consumer Protections

- krebsonsecurity.com - February 23, 2025

One month into his second term, President Trump's actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling…

SRE Weekly Issue #465 – SRE WEEKLY

- sreweekly.com - February 23, 2025

An incident report from the vault, along with its

Introduction to Service Mesh

- thenewstack.io service-mesh - February 22, 2025

Learn how service mesh improves microservices security, traffic management and observability with solutions like Istio and Linkerd.

Bybit suffered a record $1.46B crypto theft in a sophisticated attack, linked to North Korea's Lazarus Group.

OpenAI banned accounts using ChatGPT for AI-powered surveillance and influence campaigns linked to China, Iran, and North Korea.

Chair: Sebastian Stadil April 1, 2025 London OpenTofu Day is the best place to connect with the OpenTofu community. It's a fantastic place to talk shop with other infrastructure or platform engineers…

Co-chairs: Blair Fraser, Bryan Landes, Balaji Sivasubramanian April 1, 2025 London We want attendees at BackstageCon to leave with a deeper understanding of the latest trends and use cases of…

Bypass Docker Hub Rate Limits With This Stateless Image Cache

- thenewstack.io kubernetes - February 21, 2025

Frustrated by image registry rate limits, outages, and limited bandwidth? With the open source Spegel, Kubernetes nodes can pull images from each other, peer-to-peer style.

Kubernetes Gets a New Resource Orchestrator in the Form of Kro

- thenewstack.io kubernetes - February 21, 2025

Kro is a Kubernetes native framework that simplifies the creation of complex Kubernetes resource configurations, grouping them into reusable units.

AWS Network Firewall's automated domain lists feature enhances network security by analyzing HTTP and HTTPS traffic patterns, providing visibility into domain usage, and simplifying the creation and management of outbound traffic controls through domain-based allowlisting.

Endor Labs has allied with GitHub to integrate its software composition analysis (SCA) tools directly within DevOps workflows.

Why Has DevSecOps Failed? - DevOps.com

- devops.com - February 21, 2025

DevSecOps is failing because we underestimated the complexity of cultural transformation and the importance of human-centered tools.

AI-Powered Deception is a Menace to Our Societies

- thehackernews.com - February 21, 2025

AI-generated misinformation is rising, with 1,150 fake news sites identified. Deepfakes, voice cloning, and LLM-driven deception threaten elections an

Apple removes iCloud Advanced Data Protection in the UK after government demands access, raising privacy concerns.

CISA adds CVE-2025-23209 to its KEV list as Craft CMS faces active exploitation, urging agencies to patch by March 13, 2025.

Salt Typhoon exploited CVE-2018-0171 and stolen credentials to infiltrate U.S. telecom networks, persisting undetected for over three years.

Darcula v3 automates phishing kit creation, allowing attackers to clone any website in minutes. Netcraft has blocked 95,000 domains, yet threats persi

Leaked TopSec work logs expose China's censorship infrastructure, linking the firm to state-backed content monitoring projects

Weak identity security can lead to breaches and downtime. Learn expert strategies to reduce security debt and future-proof your defenses.

Announcing CDK Garbage Collection | Amazon Web Services

- AWS devops blogs - February 21, 2025

The AWS Cloud Development Kit (CDK) is an open source framework that enables developers to define cloud infrastructure using a familiar programming language. Additionally, CDK provides higher level abstractions (Constructs), which reduce the complexity required to define and integrate AWS services together when building on AWS. CDK also provides core functionality like CDK Assets, which […]

A guide to optimizing image generation pipelines

- GCP compute blogs - February 21, 2025

Learn about three things you can optimize to improve your image generation pipelines: hardware, inference code, or inference pipelines.

Public IP health checks in Cloud DNS now GA

- GCP networking blogs - February 21, 2025

Public IP health checking with Cloud DNS routing policies let you build resilient applications, no matter where your workloads reside.

Managing high-performance file storage can be a significant operational and cost challenge for many organizations, especially those running compute-intensive workloads such as high-performance computing (HPC) or data analytics. This is particularly true for organizations with existing data lakes on Amazon S3 who need POSIX-compliant, high-performance file system access. Amazon FSx for Lustre provides a scalable, […]

Imagine a company like a movie studio, one that works with enormous volumes of video files, scripts, and animation assets. They store these files on a high-performance file system such as Amazon FSx for Lustre, a fully managed shared storage built on the world's most popular high-performance file system. Each file has metadata, such as […]

The schedule for the CNCF Maintainer Summit on 31 March 2025 in London is now live. The CNCF Maintainer Summit happens on the Monday before KubeCon + CloudNativeCon Europe 2025, and is an exclusive…

AI Dev Tools: How To Containerize Agents Using Dagger

- thenewstack.io ci-cd - February 20, 2025

Meet the new primitive. The creator of Docker strongly advocates for the containerization of AI agents, for sanity's sake. Here's how.

Announcing quantum-safe digital signatures in Cloud KMS

- GCP security blogs - February 20, 2025

New PQC news: We're introducing quantum-safe digital signatures in Cloud KMS, and we're sharing more on our PQC strategy for Google Cloud encryption products.

The new Arm extension for GitHub Copilot streamlines migration to Arm architecture, reducing development time while offering optimization.

Chinese-aligned hackers exploited CVE-2024-24919 to deploy ShadowPad malware and NailaoLocker ransomware, targeting European healthcare networks.

North Korean hackers use fake job interviews on Upwork and GitHub to infect crypto developers with BeaverTail and InvisibleFerret malware, stealing cr

Applying SRE principles to your MLOps pipelines

- GCP devops/sre blogs - February 20, 2025

As AI and ML become more prevalent, administrators can use Site Reliability Engineering (SRE) techniques to manage the ML infrastructure and software.

100 million Li-ion cells in Google data centers

- GCP infra blogs - February 20, 2025

Google has more than 100 million Li-ion cells in battery packs in its global data center fleet thanks to its stringent safety-first approach.

Kmesh v1.0 officially released!

- cncf.io - February 19, 2025

At the beginning of the new year 2025, we are thrilled to announce the official release of Kmesh v1.0.0. We extend our heartfelt gratitude to all Kmesh community contributors for their relentless…

The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability…

Ambassador post by Gerardo Lopez (The Spanish version of this post is below.) As a CNCF Ambassador and proud Kubestronaut, I am always eager to explore innovative tools that enhance the resilience and…

Cary, North Carolina, 19th February 2025, CyberNewsWire

Sawmills today emerged from stealth to launch a platform that makes use of AI models to manage telemetry data more cost-effectively.

This post is written by Brianna Rosentrater, Hybrid Edge Specialist SA and Adam Duffield, Senior Technical Account Manager. AWS Outposts extends AWS infrastructure, AWS services, APIs, and tools to on-premises locations for workloads that require low latency, local data processing, or data residency. Outposts comes in a variety of form factors, from 42U Outposts racks […]

MSPs and MSSPs can grow revenue with vCISO services, offering expert security leadership minus full-time costs.

New A4X VMs powered by NVIDIA GB200 GPUs

- GCP compute blogs - February 19, 2025

New A4X VMs powered by NVIDIA GB200 NLV72 address the compute and memory demands of AI reasoning models that use chain-of-thought.

Ericsson and Google Cloud collaborating on 5G

- GCP networking blogs - February 19, 2025

Ericsson and Google Cloud are collaborating on how mobile core networks are built and operated on public cloud infrastructure.

Starting on a cloud-native journey is more than just a technology upgrade; it's a fundamental transformation that demands a wider approach and includes people, processes, and policies as well as…

Building stuff is fun! Let's use Argo Rollouts, Istio, and Prometheus to automate a canary deployment on Kubernetes! The application we'll run is the Argo Rollouts Demo Application which does a great…

Royal Bank of Canada's Cloud Evolution

- cncf.io - February 18, 2025

Royal Bank of Canada (RBC) is a global financial services institution and Canada's largest bank (based on market capitalization). Technology is vital for RBC to deliver cutting-edge services to our…

A step-by-step look at managing and/or mitigating the three top Kubernetes security vulnerabilities

Platform Engineering on the Brink: Breakthrough or Bust?

- thenewstack.io platform-engineering - February 18, 2025

Is platform engineering at a crossroads? Will it fulfill its promise or fade away? At State of Open Con, a panel weighed what's ahead for the movement.

Hi everyone. I'm Mitch Ashley, VP and practice lead for DevOps and application development with the Futurum Group. These are my predictions for 2025. Mitch Ashley gives his DevOps and application development predictions for 2025.

Discover how DevOps practices improve your website's Core Web Vitals to enhance user experience and rankings.

A pressing issue facing the tech industry is how to strike the right balance between humans and technology regarding AI.

London, United Kingdom, 18th February 2025, CyberNewsWire

How Phished Data Turns into Apple & Google Wallets

- krebsonsecurity.com - February 18, 2025

Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the…

Debunking the AI Hype: Inside Real Hacker Tactics

- thehackernews.com - February 18, 2025

Over 60% of breaches start with exposed assets. Attack Surface Management helps organizations detect risks before hackers do, reducing successful atta

Information security practitioners use internet protocol (IP) address-based security controls such as block lists and rate-based rules to block malicious traffic. However, blocking malicious traffic solely based on an IP address can unintentionally block legitimate users, resulting in false positives. This is because many users share an IP address behind a network address translation (NAT) […]

Introduction For large enterprises adopting AWS PrivateLink interface endpoints, the key challenges revolve around streamlining deployment processes, minimizing the number of endpoints, and optimizing costs at scale. A proven approach to address these challenges is using AWS Transit Gateway alongside Amazon Route 53 Resolver, enabling the efficient sharing of AWS PrivateLink interface endpoints across multiple […]

Canonical Extends Kubernetes Distro Support to a Dozen Years

- thenewstack.io kubernetes - February 17, 2025

Vanilla Kubernetes offers 14 months of support; Canonical is now offering 10 times that support, starting with its latest version.

Join us for the AWS Developer Day on February 20! This virtual event is designed to help developers and teams incorporate cutting-edge yet responsible generative AI across their development lifecycle to accelerate innovation. In his keynote, Jeff Barr, Vice President of AWS Evangelism, shares his thoughts on the next generation of software development based on […]

Five Great DevOps Job Opportunities - DevOps.com

- devops.com - February 17, 2025

Looking for a dream DevOps job? Check out these opportunities, including roles at The Cigna Group, Swooped and Sierra Nevada Corp.

The new Marstech1 implant uses GitHub and npm code repositories to steal cryptocurrency and steal sensitive data, SecurityScorecard says.

AWS CloudFormation: 2024 Year in Review AWS CloudFormation enables you to model and provision your cloud application infrastructure as code-base templates. Whether you prefer writing templates directly in JSON or YAML, or using programming languages like Python, Java, and TypeScript with the AWS Cloud Development Kit (CDK), CloudFormation and CDK provide the flexibility you need. […]

The management of configurations across multiple environments and tenants poses a significant challenge in modern software development. Organizations must balance maintaining distinct settings for various environments while accommodating the unique needs of different tenants in multi-tenant architectures. This complexity is compounded by requirements for consistency, version control, security, and efficient troubleshooting. AWS AppConfig offers a […]

As software development continues to evolve at a rapid pace, developers are constantly seeking tools that can streamline their workflow, improve code quality, and boost productivity. Amazon Web Services (AWS) has answered this call with the introduction of powerful new AI agents for Amazon Q Developer. AI-powered agents transform the way developers approach documentation, unit […]

Modern data lakes integrate with multiple engines to meet a wide range of analytics needs, from SQL querying to stream processing. A key enabler of this approach is the adoption of Apache Iceberg as the open table format for building transactional data lakes. However, as the Iceberg ecosystem expands, the growing variety of engines and languages has […]

SRE Weekly Issue #464 – SRE WEEKLY

- sreweekly.com - February 16, 2025

These folks decided that Google Cloud wasn't for them, and they built and migrated to their own datacenter in 9 months. This article goves over the physical buildout.

Deno Creates Board, Charter for JavaScript Registry Project

- thenewstack.io microservices - February 15, 2025

In other Dev News; CVEs Released on Three Node.js Versions; LinkedIn's solution for speeding up AI protoypes; and microfrontends in Angular?

Over the past two years, I've interviewed more than 100 executives on tech innovation. Key insights emerged. But one stood out: sustainability is no

Resilience: some key ingredients

- surfingcomplexity.blog - February 15, 2025

Brian Marick posted on Mastodon the other day about resilience in the context of governmental efficiency. Reading that inspired me to write about some more general observations about resilience. No…

The Feds Push for WebAssembly Security Over eBPF

- thenewstack.io observability - February 14, 2025

According to the federal government, WebAssembly could and should be integrated across the cloud native service mesh sphere to enhance security.

Object Store Apps: Cloud Native's Freshest Architecture

- thenewstack.io cloud-native - February 14, 2025

The object store, once a somewhat niche technology, is now becoming a fundamental building block of the modern cloud.

This post was authored by Abhishek Nanda, Containers Specialist Solutions Architect and co-written with Jayaprakash Alawala, Principal Container Specialist Solutions Architect and Rajesh Singh, Sr. Containers Specialist BDM. Introduction Amazon EKS users in the Regulatory and Compliance industry invest time and effort to build EKS custom AMIs for the worker nodes Operating System (OS) to […]

February 14, 2025: This post was updated with the recommendation to restrict S3 bucket access to an IAM role by using the aws:PrincipalArn condition key instead of the aws:userid condition key. April 2, 2021: In the section "Granting cross-account bucket access to a specific IAM role," we updated the second policy to fix an error. […]

Introducing the AWS Trust Center | Amazon Web Services

- AWS security blogs - February 14, 2025

We're launching the AWS Trust Center, a new online resource that shares how we approach securing your assets in the cloud. The AWS Trust Center is a window into our security practices, compliance programs, and data protection controls that demonstrates how we work to earn your trust every day.

Well-architected framework to accelerate your cloud journey

- GCP devops/sre blogs - February 14, 2025

Principles-based recommendations to design & operate a Google Cloud topology that's secure, efficient, resilient, high-performing, & cost-effective.

Using MultiKueue to provision global GPU resources

- GCP compute blogs - February 14, 2025

Together, MultiKueue, GKE, and Dynamic Workload Scheduler let you provision GPU resources in a GKE cluster regardless of region.

Oracle databases typically see significant data growth which in turn increases backup, restore and database refresh times. The need to quickly backup, restore, and refresh large-scale databases is important for ensuring data consistency, business continuity, and accelerating testing and development processes. As more businesses migrate their Oracle databases to Amazon Elastic Compute Cloud (EC2) instances, […]

AWS CloudTrail now offers network activity events for VPC endpoint logging, enabling comprehensive monitoring and recording of AWS API activity through VPC endpoints to enhance security visibility, detect unauthorized access, and prevent data exfiltration without requiring custom TLS traffic inspection solutions.

Learn how to create safer Gemini model outputs that strengthen customer relationships by using content filters and system instructions.

The tech industry is betting on AI coding assistants to boost developer productivity or even replace coders entirely.

Nearly a Year Later, Mozilla is Still Promoting OneRep

- krebsonsecurity.com - February 13, 2025

In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind…

AI and Security - A New Puzzle to Figure Out

- thehackernews.com - February 13, 2025

Secure GenAI apps from evolving identity threats, tackling authentication, authorization, and AI security risks.

Introduction Today Amazon Web Services (AWS) is enhancing subnet management capabilities of Network Load Balancer (NLB). NLBs were previously restricted to only adding subnets in new Availability Zones (AZs), and they now support full subnet management, including removal of subnets, matching the capabilities of Application Load Balancer (ALB). This enhancement offers organizations greater control over […]

Go 1.24 expands support for Wasm

- GCP networking blogs - February 13, 2025

Go 1.24 expands its capabilities for WebAssembly (Wasm), now available through Google Cloud Service Extensions.

We are thrilled to announce the release of Ratify v1.4.0! This milestone release introduces significant new features that enhance Ratify's capabilities as a trusted supply chain security tool.

Agentic AI: The Next Frontier of AI Power

- thenewstack.io devops - February 12, 2025

Agentic AI uses the collective intelligence of multiple agents to automate decision-making processes, revolutionize industries, and drive transformation.

US Moves To Designate Agency CIOs as Political Appointees

- thenewstack.io devops - February 12, 2025

Should a CIO be a political appointee? Or should they be lifelong bureaucrats immune from the political winds of change?

Agentic AI Powers New Harness DevSecOps Suite

- thenewstack.io devops - February 12, 2025

Under CEO Jyoti Bansal's leadership, Harness taps Traceable to create an AI-powered DevSecOps powerhouse, combining application delivery expertise with API security.

February 12, 2025: This post was republished to include new services and features that have launched since the original publication date of June 11, 2020. Encryption is a critical component of a defense-in-depth security strategy that uses multiple defensive mechanisms to protect workloads, data, and assets. As organizations look to innovate while building trust with […]

From red teaming to tabletop exercises to the SOC Arena, Next '25 has something for security pros and newcomers alike.

A multi-cloud approach can also benefit DevOps teams if they have the training and skills necessary to maximize multi-cloud potential.

Connecting securely to RDS databases AWS Verified Access (AVA) now extends beyond HTTP apps to provide VPN-less, secure access to non-HTTP resources like RDS databases, enabling improved security and enhanced user experience for both web applications and database connections. AVA is built based on Zero Trust principles and allows administrators to define fine-grained access policies, […]

This week's Kubestronaut in orbit is Nelson Hilario Filipe, a DevSecOps Engineer and our first Kubestronaut in Mozambique. Nelson has a strong passion for shift-left security, and embarked on the…

Generative AI applications often involve a combination of various services and features—such as Amazon Bedrock and large language models (LLMs)—to generate content and to access potentially confidential data. This combination requires strong identity and access management controls and is special in the sense that those controls need to be applied on various levels. In this […]

Luxembourg, Luxembourg, 11th February 2025, CyberNewsWire

Microsoft Patch Tuesday, February 2025 Edition

- krebsonsecurity.com - February 11, 2025

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.

Notary Project announces Notation v1.3.0

- cncf.io - February 10, 2025

Notary Project announces new releases including notation v1.3.0, notation-go v1.3.0, notation-core-go v1.2.0 and tspclient-go v1.0.0!

Mirantis Tackles Container Sprawl With Open Source k0rdent

- thenewstack.io kubernetes - February 10, 2025

In a world where every cloud application's components are distributed, Mirantis offers k0rdent to help you manage your cloud native programs.

In 2021, Amazon Web Services (AWS) introduced the AWS Secrets and Configuration Provider (ASCP) for the Kubernetes Secrets Store Container Storage Interface (CSI) Driver, offering a reliable way to manage secrets in Amazon Elastic Kubernetes Service (Amazon EKS). Today, we're excited to announce the integration of ASCP with Pod Identity, the new standard for AWS […]

We are well settled into 2025 by now, but many people are still catching up with all the exciting new releases and announcements that came out of re:Invent last year. There have been hundreds of re:Invent recap events around the world since the beginning of the year, including in-person all-day official AWS events with multiple […]

Here's five ways to protect your cloud deployments from threat actors exploiting compromised cloud identities.

Cross-Cloud Network solutions support for AI workloads

- GCP networking blogs - February 10, 2025

In this blog we look at some of the benefits of the Cross-Cloud Network in supporting AI and HPC workloads, both managed and self-managed.

The Metamorphosis of Open Source: An Industry in Transition

- thenewstack.io cloud-native - February 09, 2025

The open source community needs active participants in shaping this future, not just observers watching the change.

SRE Weekly Issue #463 – SRE WEEKLY

- sreweekly.com - February 09, 2025

Sometimes, we can harness randomness to improve throughput and reliability.

Bluefin, a Next-Gen Linux Workstation for Containerized Apps

- thenewstack.io containers - February 08, 2025

Bluefin sets out to expose Linux users to the tools and applications widely used for cloud native computing.

How a Critical Hosting Failure Solved a DevOps Crisis

- thenewstack.io devops - February 07, 2025

Resilience isn't just about solving today's problems — it's about building systems and cultures that can adapt to tomorrow's challenges.

GenAI Meets SLMs: A New Era for Edge Computing

- thenewstack.io edge-computing - February 07, 2025

Small Language Models (SLMs) offer an excellent balance of efficiency, privacy and adaptability, making them ideal for various applications.

Clean Container Images: A Supply Chain Security Revolution

- thenewstack.io containers - February 07, 2025

Chainguard's new CVE Visualization tool shows enterprises exactly how much time and money they save by using vulnerability-free container images instead of traditional CVE-laden ones.

A Deep Dive Into Amazon EKS Auto (Part 2)

- thenewstack.io kubernetes - February 07, 2025

In the second part of this series, we'll delve into the internals of the Amazon Elastic Kubernetes Service's Auto Mode cluster.

Enhancing telecom security with AWS | Amazon Web Services

- AWS security blogs - February 07, 2025

If you'd like to skip directly to the detailed mapping between the CISA guidance and AWS security controls and best practices, visit our Github page. Implementing CISA's enhanced visibility and hardening guidance for communications infrastructure In response to recent cybersecurity incidents attributed to actors from the People's Republic of China, a number of cybersecurity agencies […]

Overview A key benefit of using the Amazon Web Services (AWS) cloud is the ability to pay only for the services you consume. This granular control and elastic model enables you to achieve substantial savings compared to on-premise infrastructure. The practice of ensuring you are getting the most value for your investment, and a foundational pillar […]

Teen on Musk's DOGE Team Graduated from 'The Com'

- krebsonsecurity.com - February 07, 2025

Wired reported this week that a 19-year-old working for Elon Musk's so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the…

This post written by Uma Ramadoss, Principal Specialist SA, Serverless and Vinita Shadangi, Senior Specialist SA, Serverless. Today, AWS Step Functions is expanding the capabilities of Distributed Map by adding support for JSON Lines (JSONL) format. JSONL, a highly efficient text-based format, stores structured data as individual JSON objects separated by newlines, making it particularly […]

Operators, administrators, developers, and many other personas leveraging AWS come across multiple use cases and common issues such as lack of permissions, bugs in code in AWS Lambda, and more when leveraging the AWS console. To help alleviate this burden when using the console, AWS released Amazon Q to assist with users accessing the console […]

OpenTelemetry: What's New With the Second-Biggest CNCF Project?

- thenewstack.io observability - February 06, 2025

OTel was created to help collect and analyze observability data at scale. In this episode of Makers, Morgan McLean, its co-creator, explores the roadmap.

Amazon Web Services (AWS) is pleased to announce the issuance of the Swiss Financial Market Supervisory Authority (FINMA) Type II attestation report with 179 services in scope. The Swiss Financial Market Supervisory Authority (FINMA) has published several requirements and guidelines about engaging with outsourced services for the regulated financial services customers in Switzerland. An independent […]

Amazon Web Services (AWS) is pleased to announce the issuance of the Criteria to Assess the Information Security of Cloud Services (PiTuKri) Type II attestation report with 179 services in scope. The Finnish Transport and Communications Agency (Traficom) Cyber Security Centre published PiTuKri, which consists of 52 criteria that provide guidance across 11 domains for […]

Experts Flag Security, Privacy Risks in DeepSeek AI App

- krebsonsecurity.com - February 06, 2025

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek's design choices…

Introduction As your cloud infrastructure grows and evolves, you may find the need to reorganize your AWS CloudFormation stacks for better management, for improved modularity, or to align with changing business requirements. CloudFormation now offers a powerful feature that allows you to move resources between stacks. In this post, we'll explore the process of stack […]

At KubeCon NA 2024, Solo.io announced its intention to donate the Gloo Gateway open source project to the CNCF, to benefit the broader cloud native ecosystem. In case you are not familiar with Gloo…

Developers Unhappy With Tool Sprawl, Lagging Data, Long Waits

- thenewstack.io devops - February 05, 2025

Internal developer portals are just the start toward solving the bottlenecks engineering teams face, according to the latest survey by Port.

Vercel Rolls Out More Cost-Effective Infrastructure Model

- thenewstack.io edge-computing - February 05, 2025

The frontend hosting provider is moving away from edge computing and embracing a new web application infrastructure model called Fluid.

How to Run an Effective Sprint Review

- thenewstack.io devops - February 05, 2025

An effective Sprint Review provides visibility into completed work, ensures alignment among stakeholders, and collects valuable input that allows for quick change.

Hello, we are Toru Komatsu (@utam0k) and Hiroshi Hayakawa (@hhiroshell) from Cloud Native Community Japan. The Japanese version is available below. Have you heard of CNCF's DevStats?

Amazon Web Services (AWS) is pleased to announce the renewal of the Multi-Tier Cloud Security (MTCS) Level 3 certification under the SS584:2020 standard in December 2024 for the Asia Pacific (Singapore), Asia Pacific (Seoul), and United States AWS Regions, excluding AWS GovCloud (US) Regions. This achievement reaffirms our commitment to maintaining the highest security standards for our global […]

AWS CodeBuild now includes pre-installed Fastlane in macOS environments, streamlining mobile app development by providing built-in access to automated tools for code signing, testing, and app distribution, without manual setup requirements.

TPUs improved carbon-efficiency of AI workloads by 3x

- GCP compute blogs - February 05, 2025

A new study finds that TPU hardware has seen a 3x improvement in the carbon-efficiency of AI workloads from TPU v4 to Trillium.

ControlPlane stepped in to support CNCF Flux when funding ran dry, ensuring its maintainers could continue development.

GKE's faster cluster upgrades under the hood

- GCP containers blogs - February 04, 2025

Recent enhancements to GKE and Compute Engine improves Persistent Disks (PDs) attach and detach rates, benefitting stateful workloads on GKE.

Overview The Internet Monitor feature of Amazon CloudWatch Network Monitoring now includes enhanced traffic optimization recommendation guidance that you can use to explore how to help optimize your application's latency by using different AWS Regions or Local Zones, or by using Amazon CloudFront. You can also learn how to reduce latency by routing specific IP […]

Austin, TX, USA, 4th February 2025, CyberNewsWire

Who's Behind the Seized Forums 'Cracked' & 'Nulled'?

- krebsonsecurity.com - February 04, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities…

Application promotion in Devtron

- cncf.io - February 03, 2025

Member post originally published on the Devtron blog by Siddhant Khisty In the constantly evolving landscape of building and deploying applications, continuous integration (CI) and continuous…

The Engineer's Guide to Controlling Configuration Drift

- thenewstack.io devops - February 03, 2025

Automated validation is key here — it involves running tests that compare your actual environment with what you've defined.

Last week, I had an amazing time attending AWS Community Day Thailand in Bangkok. This event came at an exciting time, following the recent launch of the AWS Asia Pacific (Bangkok) Region. We had over 300 attendees and featured 15 speakers from the community, including an AWS Hero and 4 AWS Community Builders who shared […]

This post is written by Ballu Singh, Principal Solutions Architect at AWS, Sandeep Rohilla, Senior Solutions Architect at AWS and Pranjal Gururani, Senior Solutions Architect at AWS. AWS customers are able to proactively reserve future-dated Amazon EC2 On-Demand Capacity Reservations (known as future-dated CRs) to get capacity assurance for workloads and events. Because reservations can be created weeks […]

SRE Weekly Issue #462 – SRE WEEKLY

- sreweekly.com - February 02, 2025

This article series asks, do you really need ACID consistency?

You're missing your near misses

- surfingcomplexity.blog - February 01, 2025

FAA data shows 30 near-misses at Reagan Airport – NPR, Jan 30, 2025 The amount of attention an incident gets is proportional to the severity of the incident: the greater the impact to the organizat…

Member post by Gorkem Ercan, CTO, Jozu The merry band of maintainers and contributors at the KitOps project is happy to announce the 1.0 release of KitOps. Jozu kicked off the KitOps project after…

The Hidden Costs of Multiple Service Catalogs in Development

- thenewstack.io platform-engineering - January 31, 2025

Managing multiple service catalogs wastes time — here's how to centralize them.

How To Build an AI-Powered Tech Platform, Avoiding Common Failure Points

- thenewstack.io platform-engineering - January 31, 2025

Building a successful model demands more than technical prowess or a great idea.

Introduction to Containers

- thenewstack.io containers - January 31, 2025

Discover containers: the lightweight tech driving cloud native innovation, efficiency and agile development.

EKS Auto Mode is a new operational mode for Amazon EKS that streamlines the management of Kubernetes clusters by automating the provisioning, scaling, and maintenance of the underlying infrastructure.

This post was authored by Mihir Mangalvedhekar, Sr. GenAI Specialist, Next Gen Developer Experience, AWS and co-written with Rajbir Singh, Senior Technical Account Manager. Many users are taking a container-first approach for on-premises workloads using Kubernetes. Amazon EKS Anywhere lets you create and operate Kubernetes clusters on your own infrastructure. EKS Anywhere builds on the […]

FBI, Dutch Police Disrupt 'Manipulaters' Phishing Gang

- krebsonsecurity.com - January 31, 2025

The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname "The…

New A4 VMs based on NVIDIA HGX B200, a.k.a., Blackwell GPUs, are well suited for AI training, fine-tuning and real-time serving.

Businesses use Amazon Elastic Block Store (Amazon EBS) snapshots to capture point-in-time copies of application data volumes that can serve as baseline standards when creating new volumes. This enables them to quickly launch application workloads in different AWS Regions or meet data protection and disaster recovery requirements. Security and regulatory compliance remain top priorities as […]

Organizations of all sizes face a common challenge: efficiently managing, organizing, and retrieving vast amounts of digital content. From images and videos to documents and application data, businesses are inundated with information that needs to be stored securely, accessed quickly, and analyzed effectively. The ability to extract, manage, and use metadata from this content is […]

Doubling down on open source, Mirantis invests further in the cloud native ecosystem San Francisco, CA – January 30, 2025 – The Cloud Native Computing Foundation® (CNCF®)…

Member post by Angel Ramirez, Cuemby In a rapidly evolving technological landscape, Kubernetes emerges as a transformative force in open-source innovation. Originating from a Google project in 2014…

The lights dimmed, the screen lit up, and the atmosphere was nothing short of electric. KCD Austria 2024 took place in the heart of Vienna, transforming a classic cinema into a hub of cloud native…

Introducing Kube Resource Orchestrator, or kro

- GCP containers blogs - January 30, 2025

Google worked with AWS, and Azure on kro, a Kubernetes-native, cloud-agnostic way to define groupings of Kubernetes resources.

DeepSeek-R1, a powerful large language model featuring reinforcement learning and chain-of-thought capabilities, is now available for deployment via Amazon Bedrock and Amazon SageMaker AI, enabling users to build and scale their generative AI applications with minimal infrastructure investment to meet diverse business needs.

Google Cloud's Iain Mulholland explains how cloud security can adapt to ransomware threats in 2025, with details from our latest Threat Horizons Report.

Infrastructure Laundering: Blending in with the Cloud

- krebsonsecurity.com - January 30, 2025

In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such…

The Amazon Q Developer agent has evolved from a code generation tool to a comprehensive development assistant that can now build and test code in real-time within a secure sandbox environment.

By Chris Aniszczyk By consistently tracking open source project velocity, we are able to see the trends and technologies resonating with developers and end users. We have been tracking these trends…

Netkit to Network a Million Containers for ByteDance

- thenewstack.io containers - January 29, 2025

Built on eBPF, netkit offers a swifter alternative to Virtual Ethernet for container networking, ByteDance engineers have concluded.

Today, we're announcing the release of the new AWS Cloud Development Kit (CDK) L2 construct for AWS Glue. This construct simplifies the correct configuration of Glue jobs, workflows, and triggers. Reviewing Glue documentation and examples of the valid parameters for each job type and language takes time, and having to rely on synth, deploy, and […]

Introducing Workload Manager custom rules

- GCP compute blogs - January 29, 2025

With new Workload Manager custom rules, you can validate your Google Cloud deployments against best practices to help ensure they are compliant.

Large organizations and software as a service (SaaS) platforms often share storage resources across multiple users, groups, or tenants. The design pattern chosen to implement this shared storage can significantly impact how access permissions are managed at scale. This decision is key because it directly affects platforms' security and ease of scale. A well thought […]

Healthcare and life sciences (HCLS) customers are generating more data than ever as they integrate the use of omics data with applications in drug discovery, clinical development, molecular diagnostics, and population health. The rate and volume of data that HCLS laboratories generate are a reflection of their lab instrumentation and day-to-day lab operations. Efficiently moving […]

In the evolving landscape of SAP systems, the transition to web-based access via SAP FIORI has necessitated robust load balancing solutions. Traditionally, end-users accessed SAP systems using the SAP GUI installed on their PC/laptop. However, critical transactions are now increasingly processed through web browsers. For scenarios like SAP HR time entry, these transactions might also […]

Learn when and why LCU Reservation should be used and how to get started

How to Setup Vault in Kubernetes- Beginners Tutorial

- devopscube.com - January 28, 2025

This article aims to explain each of the Kubernetes vault components and step-by-step guides to set up a

Many customers are growing their data footprints rapidly, with significantly more data stored in their relational database management systems (RDBMS) than ever before. Additionally, organizations subject to data compliance including the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI-DSS) and General Data Protection Regulation (GDPR) are often required […]

Wasm Spin and SpinKube's Rocky Road to CNCF Sandbox Status

- thenewstack.io kubernetes - January 27, 2025

Tools that emerged as a Microsoft project in 2022 have evolved into a key piece of WebAssembly's cloud native future.

This blog was authored by Chris Splinter, Principal Product Manager, AWS Kubernetes, Elamaran Shanmugam, Sr. Container Specialist Solutions Architect, AWS, Re Alvarez Parmar, Containers Specialist Solutions Architect, AWS. We are excited to announce the general availability of a new feature for Amazon Elastic Kubernetes Service (Amazon EKS) that we launched at re:Invent 2024 called Amazon […]

Simplifying GKE cluster and control-plane networking

- GCP containers blogs - January 27, 2025

We decoupled GKE control-plane access from node-pool IP configuration, providing granular control over each aspect and simplifying configuration.

I counted about 40 new launches from AWS since last week – back to our normal rhythm of releases. Services teams are listening to your feedback and developing little (or big) changes that makes your life easier when working with our services. The ability to support multiple sessions in the AWS Console is my favorite […]

We've updated Confidential Computing so it's available on even more machine types than before. Here's what's new.

A Tumultuous Week for Federal Cybersecurity Efforts

- krebsonsecurity.com - January 27, 2025

President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation's cybersecurity posture. The president fired all advisors from the Department of Homeland Security's Cyber Safety Review Board, called…

In today's world, organizations are increasingly looking to migrate their on-premises infrastructure to the cloud to take advantage of scalability, cost-effectiveness, and agility offered by cloud. One critical component of many enterprise architectures is the load balancer, which distributes incoming traffic across multiple servers. If you're considering migrating your on-premise hardware load balancers to AWS, it's […]

Linux: Back Up Your Desktop With rsnapshot

- thenewstack.io storage - January 26, 2025

Backing up your system should be a crucial component of your administration duties, even for personal systems. The rsnapshot utility provides everything you need.

SRE Weekly Issue #461 – SRE WEEKLY

- sreweekly.com - January 26, 2025

Written in 2020 after an AWS outage, this article analyzes dependence on third-party services and the responsibility to understand their reliability.

At AWS, we are committed to running our business in the most environmentally friendly way possible. We also work to enable our customers to use the benefits of the cloud to better monitor and optimize their IT infrastructure. As reported in The Carbon Reduction Opportunity of Moving to Amazon Web Services, our infrastructure is 3.6 […]

System Administrators face a never-ending list of tasks in IT organizations, with one of the most critical being the installation and updating of software packages. This process is essential for maintaining a secure posture across systems. However, as the number of servers grows, manually managing updates becomes increasingly time-consuming and inefficient. The challenge we're addressing […]

You can now verify the integrity of Google Kubernetes Engine components with SLSA, the Supply-chain Levels for Software Artifacts framework.

Compute Engine A3 High VMs are now available with NVIDIA H100 80GB GPUs in smaller machine types of 1, 2, and 4 GPUs, great for running AI inference.

We Need to Cut Down on Cloud Waste in 2025

- thenewstack.io cloud-native - January 23, 2025

Financial efficiency will only become more critical as the industry evolves; mastering these cost-focused measures now will pay back dividends.

Amazon Bedrock now offers Luma AI's Ray2 video model, enabling users to generate high-quality, 5 or 9 second video clips with 540p and 720p resolution from text prompts, marking AWS as the exclusive cloud provider offering fully managed Luma AI models.

Many CIS recommendations for GKE can be enforced with custom Organization Policies. Here's how.

New platform engineering research report

- GCP devops/sre blogs - January 23, 2025

Google Cloud partnered with Enterprise Strategy Group (ESG) on a research study to uncover the secrets of successful platform engineering teams.

New Cloud Deploy features for automated deployments

- GCP devops/sre blogs - January 23, 2025

New automations in the Cloud Deploy continuous delivery platform help keep production environments reliable and up-to-date.

IT operations are at the heart of every organization. Organizations leveraging VMware, have built and adapted to an operating model overtime that can seem daunting to migrate to the cloud. Amazon Web Services (AWS) migration impacts changes to your operations tooling, existing responsibility model, and operations processes tailored to their VMware environment. While AWS offers […]

MasterCard DNS Error Went Unnoticed for Years

- krebsonsecurity.com - January 22, 2025

The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for…

Introduction In this post, we discuss VPC Lattice Transport Layer Security (TLS) Passthrough feature. We walk through how users designed workloads prior to this feature, what this feature provides, and best practices for implementing TLS passthrough communication using VPC Lattice. AWS announced the general availability of TLS Passthrough for VPC Lattice, which allows users to […]

Network incidents can occur at times that may impact latency in AWS Regions , Availability Zones (AZs), and individual infrastructure components, such as server hardware. Users can also experience more latency because of the introduction of network appliances in their traffic path. This post explains some of the best practices that allow you to identify […]

This post is written by Anton Aleksandrov, Principal Solutions Architect, Serverless and Alexander Vladimirov, Senior Solutions Architect, Serverless Today, Amazon EventBridge is announcing support for cross-account targets for Event Buses. This new capability allows you to send events directly to targets, such as Amazon Simple Queue Service (Amazon SQS), AWS Lambda, and Amazon Simple Notification Service […]

SRE Weekly Issue #460 – SRE WEEKLY

- sreweekly.com - January 19, 2025

I love how candid this article is. This kind of story is invaluable to level up our own retrospective facilitation skills.

Cloudsmith has added a software distribution platform that streamlines the distribution of artifacts and provides access to analytics.

Sanctions imposed on Chinese actors for Treasury hack involving 3,000 stolen files and telecom breaches.

Modern enterprise environments are increasingly reliant on complex, interconnected IT systems to drive their business and operations. From unexpected application outages to infrastructure issues, the potential for disruptions that can impact business continuity and customer satisfaction is significant. Many organizations struggle with rapid incident resolution due to limited 24/7 AWS expertise. In this post you […]

How AI simplifies document workflows with intelligent extraction.

Docker Replacement Flox Has Libraries for Kubernetes

- thenewstack.io kubernetes - January 17, 2025

Flox simplifies Nix for enterprise use, offering a container-free alternative to Docker that promises better dependency management and cross-platform compatibility.

Customers are looking for a way to limit the types of commands that can be run on their Amazon Elastic Compute Cloud (Amazon EC2) instances when using AWS Systems Manager Session Manager interactive sessions. Allowed commands vary by group, meaning you need to allow different sets of commands based on the group of users. For […]

eBPF Tool Identifies Cross-Zone Kubernetes Network Traffic

- thenewstack.io kubernetes - January 17, 2025

Polar Signals couldn't figure out why it had so much expensive cross-zone traffic. So it turned to eBPF to deliver the answers, and cut its cloud bill in half.

Phil Venables explains why talking cybersecurity in business terms can help us better convey the costs and priority of the risks we face.

The EU's DORA has arrived. Google Cloud is ready to help

- GCP security blogs - January 17, 2025

As DORA takes effect today, financial entities in the EU must rise to a new level of operational resilience in the face of ever-evolving digital threats. Here's how Google Cloud can help.

Rearchitected GKE HPA improves scaling performance

- GCP containers blogs - January 17, 2025

We rearchitected the Google Kubernetes Engine (GKE) Horizontal Pod Autoscaler (HPA) for a significant improvement in scaling performance.

They say old habits die hard, and in the networking world, that sentiment rings especially true when it comes to IPv4. It's like that guest at a party who refuses to leave, even though the snacks are gone, and everyone's ready for bed 😉 . Despite the glaring reality of IPv4 exhaustion, its reign persists, […]

Three critical vulnerabilities in WGS-804HPT switches, including two CVSS 9.8 flaws, allow remote code execution.

In 2025, software developers will broaden the scope of how they use AI with promising new applications for improving security.

Millions of PHP servers compromised by Python bots using GSocket to target Indonesian users with gambling redirects.

What is GitLab Runner?

- cncf.io - January 17, 2025

Ambassador post by Natalia Granato, CNCF Ambassador GitLab Runner is an open-source application that runs jobs defined in your GitLab CI/CD pipelines. It can be installed on different platforms…

North Korean IT workers funnel millions to Kim's WMD programs via wage theft, insider threats, and extortion.

Discover how cloud-captive portal solutions improve Wi-Fi security by bringing the Zero Trust framework. Learn to implement Zero Trust principles, and

New Sneaky 2FA phishing kit targets Microsoft 365 accounts, bypassing 2FA using QR codes and anti-analysis measures.

An analysis finds an increase in organizations performing SCA on code repositories and a rise in creating software bills of materials.

Noyb files GDPR complaints against TikTok, AliExpress, and others for illegal EU-China data transfers, citing risks of Chinese government access.

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

- krebsonsecurity.com - January 16, 2025

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides…

Serverless ICYMI Q4 2024 | Amazon Web Services

- AWS compute blogs - January 16, 2025

Welcome to the 27th edition of the AWS Serverless ICYMI (in case you missed it) quarterly recap. At the end of a quarter, we share the most recent product launches, feature enhancements, blog posts, webinars, live streams, and other interesting things that you might have missed! In case you missed our last ICYMI, check out […]

Why Your API Strategy Needs a Rethink

- thenewstack.io devops - January 16, 2025

Proactive monitoring of third-party APIs is critical for platform security and efficiency.

Star Blizzard shifts to WhatsApp spear-phishing, using QR codes to target diplomats and Ukraine aid. Campaign ended November 2024.

A3 Ultra with NVIDIA H200 GPUs are GA on AI Hypercomputer

- GCP compute blogs - January 16, 2025

A3 Ultra VMs and Hypercompute Cluster are GA for AI Hypercomputer, and experimental support for vLLM provides makes inference on TPUs easier.

Now GA, Google C4A Axion processors and Titanium SSD deliver strong price-performance for Arm-compatible general-purpose workloads.

Ambassador post by Swastik Gour The emergence of Large Language Models (LLMs) such as GPT-4, PHI2, BERT, and T5 revolutionized natural language processing, with these models empowering high-end…

Community post cross-posted on the OSTIF blog OSTIF is proud to share the results of our security audit of Karmada. Karmada is an open source Kubernetes orchestration system for running cloud-native…

An initial contributor to the OpenTofu fork of HashiCorp Terraform, Spacelift wants to modernize IT workflow automation tools. Next up: Red Hat Ansible.

Simplify trust management with DigiCert ONE: centralize control, automate operations, and ensure compliance in hybrid environments.

Misconfigured on-prem applications bypass Microsoft's NTLMv1 block in Active Directory, exposing sensitive data risks.

Why account compromises linked to stolen credentials are on the rise, and what security teams can do about it

Threat actors embed malware like VIP Keylogger in images via phishing emails and Base64 encoding, leveraging .NET loaders and GenAI-written scripts to

UEFI vulnerability CVE-2024-7344 allows unsigned code execution in Secure Boot systems. Microsoft revokes binaries; vendors issue patches.

Python backdoor delivers RansomHub ransomware after SocGholish exploits outdated WordPress SEO plugins. Impact: lateral movement via SOCKS5 proxy.

Ivanti patches four EPM vulnerabilities (CVSS 9.8) and updates Avalanche and Application Control Engine. No exploitation evidence found.

Terraform Gets AI Boost in New Cloud Management Platform

- thenewstack.io devops - January 15, 2025

ControlMonkey leverages AI and Terraform IaC to help enterprises tame their sprawling cloud infrastructure, promising 30% higher DevOps productivity and 90% fewer production issues through automated management and governance.

API products are no longer just developer tools. They are integral to a growing ecosystem of low-code and no-code solutions.

According to a study by the International Data Corporation (IDC), the global datasphere is expected to grow from 33 zettabytes (ZB) in 2018 to 175 ZB by 2025, a staggering five-fold increase. Organizations that leverage distributed architectures generate a significant portion of their data footprint from observability data, including application logs, metrics, and traces, which […]

Google Cloud has tokenization built in. Here's why you should use it for sensitive data protection.

Ambassador post originally published on Medium by Mathieu Benoit, CNCF Ambassador KubeCon NA 2024 in Salt Lake City was a blast! Like always, I met with old friends, I made new friends and I had deep…

Lazarus Group's Operation 99 targets Web3 developers via fake LinkedIn profiles and GitLab repositories, stealing cryptocurrency and source code.

Malvertising targets Google Ads users, redirecting to phishing sites that steal credentials, budgets, and 2FA codes.

North Korean hackers stole $1.34 billion in 2024, targeting cryptocurrency exchanges and blockchain firms globally.

Patches for six Rsync flaws, including critical CVE-2024-12084 (CVSS 9.8), released in v3.4.0. Update now.

The High-Stakes Disconnect For ICS/OT Security

- thehackernews.com - January 15, 2025

Only 31% of organizations have ICS/OT SOC capabilities. Protect critical infrastructure with tailored controls and SANS Five Cybersecurity Critical Co

Organizations need to implement the right risk management strategy to positively impact productivity through AI while maintaining safety.

DevOps Security Metrics - DevOps.com

- devops.com - January 15, 2025

Explore key metrics that can help bridge the gap between the speed of DevOps processes and the essential security requirements required.

FBI's PlugX operation cleans over 4,250 infected computers, targeting malware spread by PRC-linked hackers.

Patch critical SimpleHelp vulnerabilities, including CVE-2024-57727 and CVE-2024-57728, to prevent admin credential theft and remote server control.

Microsoft's January 2025 update addresses 161 vulnerabilities, including 3 zero-days and 5 critical flaws.

At Amazon Web Services (AWS), the security of our customers' data is our top priority, and it always will be. Recently, the AWS Customer Incident Response Team (CIRT) and our automated security monitoring systems identified an increase in unusual encryption activity associated with Amazon Simple Storage Service (Amazon S3) buckets. Working with customers, our security […]

Deploying AWS Elastic Disaster Recovery at scale provides robust protection for your infrastructure. The DRS Settings Tool is an invaluable resource for updating settings across your infrastructure efficiently. In this post, we show you how to setup and use the DRS Settings Tool to update all your Elastic Disaster Recovery source server settings in bulk.

Amazon Web Services (AWS) is pleased to announce a successful completion of the Health Data Hosting (Hébergeur de Données de Santé, HDS) certification audit, and renewal of the HDS certification for 24 AWS Regions. The Agence du Numérique en Santé (ANS), the French governmental agency for health, introduced the HDS certification to strengthen the security and protection of […]

This post was authored by Markus Kokott, Senior Solutions Architect, AWS and co-written with Balaji Balakrishnan, Head of Platform Services & DevOps, Santa Kumar Bethanapalli, Head of Cloud Operations & SRE, and Natarajan Ramani, Lead Platform Engineer, from webMethods iPaaS. Introduction In this post, we discuss webMethods' journey in transitioning webMethods iPaaS into a successful […]

Each year, the DevOps Dozen Awards recognize the best and brightest in the DevOps community and industry, celebrating individuals and organizations making

CVE-2024-44243 flaw in macOS SIP allowed root-level exploits, risking persistent malware and reduced system reliability.

Attackers exploit a Google OAuth flaw, recycling domains to access SaaS accounts and sensitive HR data.

In a previous blog post, we introduced the IAM Access Analyzer custom policy check feature, which allows you to validate your policies against custom rules. Now we're taking a step further and bringing these policy checks directly into your development environment with the AWS Toolkit for Visual Studio Code (VS Code). In this blog post, […]

This week's Kubestronaut in Orbit is Sathish Kumar Venkatesan, an IT professional from Brampton, Canada, with over 16 years of diverse experience spanning cloud technologies, DevOps…

Member post originally published on the Devtron blog by Badal Kumar and Siddhant Khisty TL;DR: Learn how to secure your AWS Application Load Balancer (ALB) with OpenID Connect (OIDC) to enhance…

The CLI struggle is real Command-line tools are meant to simplify infrastructure and DevOps workflows, but the reality is often the opposite. Instead of speeding things up, the vast array of commands, flags, and syntax turns the CLI into a puzzle. Tools meant to enhance productivity have developers endlessly tab-switching between searches, forums, and docs […]

AWS launches its first cloud Region in Mexico, enabling digital transformation with local infrastructure, delivering low latency, and helping customers meet data residency requirements, backed by a planned $5 billion investment over 15 years.

Join Ben Newman, Principal Software Engineer at Apollo as he explores how generative AI and GraphQL APIs are better together.

Mirantis Rockoon: OpenStack Management on Kubernetes

- thenewstack.io kubernetes - January 14, 2025

You may not think that OpenStack and Kubernetes can work well together, but Mirantis believes they can go together like chocolate and peanut butter.

Software bills of materials (SBOMs) have sparked a real culture shock in development teams that are made to account for all decisions.

Russian-linked UAC-0063 deploys HATVIBE malware in Kazakhstan; SORM expands in Central Asia, Latin America.

HuiOne Guarantee, a $24B Telegram marketplace, leads in crypto-fueled scams, money laundering, and illicit activities.

Identity, data, and third-party risks worsen with SaaS sprawl. Secure your growing attack surface in 2025

Fortinet firewalls running firmware versions 7.0.14-7.0.16 targeted by attackers using zero-day vulnerabilities.

The issue of slow startups in cloud-based complex Java applications and two initiatives aimed at finding the best solution to deal with this.

AI has become an integral component of DevOps, offering predictive analytics and automated decision-making to improve efficiency.

CISA adds BeyondTrust CVE-2024-12686 to KEV catalog; Treasury breach linked to Silk Typhoon exploits.

Microsoft: Happy 2025. Here's 161 Security Updates

- krebsonsecurity.com - January 14, 2025

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three "zero-day" weaknesses that are already under active attack. Redmond's inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped…

Specificity in data selection can improve AI output quality and compliance.

DevOps should implement these tools and best practices to foster productivity, improve the developer experience, and drive innovation in 2025.

AWS re:Invent 2024 was held in Las Vegas December 2–6, with over 54,000 attendees participating in more than 2,300 sessions and hands-on labs. The conference was a hub of innovation and learning hosted by AWS for the global cloud computing community. In this blog post, we cover on-demand sessions and major security, identity, and compliance announcements that […]

As we move into the second week of 2025, China is celebrating Laba Festival (腊八节), a traditional holiday, which marks the beginning of Chinese New Year preparations. On this day, Chinese people prepare Laba congee, a special porridge combining various grains, dried fruits, and nuts. This nutritious mixture symbolizes harmony, prosperity, and good fortune — […]

Amazon Cognito is a developer-centric and security-focused customer identity and access management (CIAM) service that simplifies the process of adding user sign-up, sign-in, and access control to your mobile and web applications. Cognito is a highly available service that supports a range of use cases, from managing user authentication and authorization to enabling secure access […]

Fuzzing the CNCF landscape in 2024

- cncf.io - January 13, 2025

By Chris Aniszczyk (CNCF), Adam Korczynski (Ada Logics), David Korczynski (Ada Logics) CNCF maintains a high level of security for its projects by way of a series of initiatives such as security…

KCD post by the Kubernetes Community Days Sofia organizers Today, we're having a conversation with Veneta Gergova, the artist behind the design and logo for KCD Sofia 2025. I am an illustrator artist…

Community post by Kevin Conner, Chief Engineer, Getup Cloud and co-author of Kubernetes in Action 2nd Edition As Kubernetes deployments grow in scale and complexity, policy enforcement becomes a…

CVE-2024-50603 in Aviatrix Controller enables remote code execution, cryptomining, and backdoor attacks. Patch now.

Ransomware on VMware ESXi surged in 2024 with $5M demands. Discover vulnerabilities and defense strategies.

This week in cybersecurity: zero-day exploits, advanced malware, and the latest hacking tricks you need to know about.

Pythagora AI has made available an AI coding tool, designed to more interactively enable app developers to automate the writing of code.

This week, we highlight five great DevOps job opportunities including roles at the Omnicom Media Group and Sony Interactive Entertainment.

Malicious JavaScript in WordPress checkout pages steals payment data, hides in wp_options, and exfiltrates encrypted details.

Hijacked 4,000+ backdoors via expired domains for $20, exposing government, academic, and private systems globally.

The danger of overreaction

- surfingcomplexity.blog - January 12, 2025

The California-based blogger Kevin Drum has a good post up today with the title Why don't we do more prescribed burning? An explainer. There's a lot of great detail in the post, but the bit t…

Modern designs must anticipate future scale by carefully considering architecture and resource utilization.

SRE Weekly Issue #459 – SRE WEEKLY

- sreweekly.com - January 12, 2025

Modern PostgreSQL Deployment: 3 Cloud Native Approaches You Should Know

- thenewstack.io platform-engineering - January 11, 2025

Deploying PostgreSQL on Kubernetes is the obvious choice in today's cloud native landscape.

Microsoft takes legal action against a hacking group using stolen Azure API keys to create harmful AI-generated content.

Three Russians indicted for laundering $25M via Blender.io, Sinbad.io, tied to Lazarus and ransomware.

For organizations with multiple AWS accounts, staying on top of planned AWS service changes and events is critical to keep operations and business running smoothly. Organizations use AWS Health for ongoing visibility into resource performance and the availability of AWS services and accounts, but the volume of notifications from AWS Health can sometimes be overwhelming. […]

Developer Productivity: Who's Tracking It? Not Many

- thenewstack.io platform-engineering - January 10, 2025

Forty percent of managers in JetBrains' latest survey said their organizations measure neither developer productivity nor developer experience.

WebAssembly and Containers' Love Affair on Kubernetes

- thenewstack.io kubernetes - January 10, 2025

A Microsoft engineer shows how WebAssembly modules can run alongside containers in Kubernetes environments.

The U.S. agency is continuing to urge businesses to take control of security in their software and product development processes.

RustCoder: AI-assisted Rust learning

- cncf.io - January 10, 2025

Member post originally published on Second State's blog by CNCF Ambassadors Vivian Hu, Product Manager at Second State, and Miley Fu, DevRel at Second State Rust has been voted the most beloved…

Introduction Developers, IT Operators, and in some cases, Site Reliability Engineers (SREs) are responsible for deploying and operating infrastructure and applications, as well as responding to and resolving incidents effectively and in a timely manner. Effective incident management requires quick diagnosis, root cause analysis, and implementation of corrective actions. Diagnosing the root cause can be […]

Survey findings include respondents noted that AI tools are increasing the blast radius of the amount of bad code that needs to be debugged.

AI-driven ransomware group FunkSec targets 85 victims globally, blending hacktivism and cybercrime with low-cost ransoms.

Master cybersecurity reporting with Cynomi's guide. Align security with goals, save time, and build trust

Patched CVE-2024-49415 zero-click flaw on Samsung devices (CVSS 8.1) risked remote code execution via RCS.

Elisity cuts healthcare costs by 76% with identity-based microsegmentation, discovering 99% of devices in 4 hours.

RedDelta exploited PlugX backdoor and Cloudflare CDN to target Asian governments, including Mongolia's Ministry of Defense, in 2024.

Phishing exploits CrowdStrike branding to deliver XMRig cryptominer via fake CRM app, evading detection.

Managing DNS configurations across multiple Amazon Virtual Private Clouds (Amazon VPCs) and Amazon Web Services (AWS) accounts can be a daunting task for network administrators, especially in complex environments with numerous Private Hosted Zones (PHZs) and Amazon Route 53 Resolver rules. Traditionally, they relied on outbound and inbound Route 53 Resolver endpoints to transport DNS […]

When managing multiple AWS accounts in AWS Organizations organization, it's important to implement central access controls that govern both identities and resources. These controls are essential for ensuring security, compliance, and scalability across your environment. AWS Organizations service control policies (SCPs), resource control policies (RCPs), and declarative policies enable you to centrally configure and manage […]

Palo Alto Networks patches severe Expedition vulnerabilities, including SQL injection (CVE-2025-0103, CVSS 7.8), exposing sensitive data.

How to partition cloud applications to avoid global outages

- GCP devops/sre blogs - January 09, 2025

Learn how to lessen the chance of a global outage by vertically partitioning the serving stack, thus limiting the “blast radius,” or extent.

Securing an event of the magnitude of AWS re:Invent—the Amazon Web Services annual conference in Las Vegas—is no small feat. The most recent event, in December, operated on the scale of a small city, spanning seven venues over twelve miles and nearly seven million square feet across the bustling Las Vegas Strip. Keeping all 60,000 […]

Member post originally published on the Mia-Platform blog by Graziano Casto, DevRel Engineer, Mia-Platform TLDR: After years of helping people adopt digital platforms, we created the Platform Journey…

Banshee Stealer, a $3,000/month macOS malware, resurfaces with XProtect encryption, targeting 100M users via phishing campaigns.

Product Review: How Reco Discovers Shadow AI in SaaS

- thehackernews.com - January 09, 2025

Reco uncovers shadow AI in SaaS, tackling risks like excessive permissions and data leaks. Real-time security detection ensures protection.

Ransomware is evolving, with a 10.3% rise in encrypted attacks and record $75M payouts in 2024. Learn proven strategies to outsmart threats in 2025.

MirrorFace, an APT10 subgroup, targets Japan's security with spear-phishing, sandbox evasion, and ANEL malware.

CVE-2024-52875, a critical RCE flaw in GFI KerioControl firewalls, allows HTTP response splitting and exploits over 23,800 internet-exposed instances

In this article, we're going to see what available monitoring solutions lack and what modern monitoring should look like.

EU General Court fines Commission €400 for transferring user data to Meta without safeguards in 2022.

Ivanti's CVE-2025-0282 flaw, exploited by China-linked actors, enables remote code execution. CISA demands urgent patching by January 15, 2025.

This tutorial will guide you through the process of creating the service account, role, and role binding to

Introduction AWS recently announced the general availability of support for cost allocation tags for AWS Transit Gateway. With cost allocation tags, you can tag your AWS resources and see cost breakouts on a per-tag basis. Previously, Transit Gateway supported cost allocation tags for categorizing and allocating Attachment Hours charges only. With this announcement, you can […]

Five Ways Your Platform Engineering Journey Can Derail

- thenewstack.io devops - January 08, 2025

Industry experts outline potential traps and practical solutions in implementing platform engineering, emphasizing organic adoption and clear communication over forced compliance.

To support our customers in securing their generative AI workloads on Amazon Web Services (AWS), we are excited to announce the launch of a new AWS Skill Builder course: Securing Generative AI on AWS. This comprehensive course is designed to help security professionals, architects, and artificial intelligence and machine learning (AI/ML) engineers understand and implement […]

It's Time To Start Preparing APIs for the AI Agent Era

- thenewstack.io devops - January 08, 2025

With agentic AI, integrations are no longer static and immutable concepts.

Community post by Daniel Israel García Bustinza, Ayacucho, Perú I am Daniel Israel García Bustinza, writing from Huanta, Ayacucho, Perú. I am a cloud solutions architect and database specialist…

Neglected domains fuel malspam with spoofed emails, bypassing security checks and exploiting low-cost domains.

AWS Identity and Access Management Access Analyzer simplifies inspecting unused access to guide you towards least privilege. You can use unused access findings to identify over-permissive access granted to AWS Identity and Access Management (IAM) roles and users in your accounts or organization. From a delegated administrator account for IAM Access Analyzer, you can use the dashboard […]

Preprocessing large datasets with Ray and GKE

- GCP containers blogs - January 08, 2025

How to efficiently preprocess large datasets in your ML workflow with Ray, a distributed computing framework for scaling Python applications, and GKE.

Introduction An effective patch management is foremost for maintaining system security, reliability, and compliance across your IT infrastructure. AWS Systems Manager (SSM) provides a comprehensive patching solution, enabling you to automate the deployment of operating system updates to your nodes deployed on AWS, on-premises, and multicloud environments. However, as your organization scales, tracking and reporting […]

In the face of growing complexities in software development, technology leaders are striving to understand how they can simplify complex workflows to

CIOs Guide to GenAI - DevOps.com

- devops.com - January 08, 2025

Now is the time to fortify your AI ambition and build real solutions for everyday problems to drive efficiency and competitive differentiation. This guide

As companies increasingly adopt Kubernetes and microservices for IT modernization, the demand for specialized DevOps skills has surged. Our white paper

Did you know that 74% of tech leaders struggle to find the right talent in today's market? The way we've always hired isn't working anymore - it's time

Reddit No Longer Haunted by Drifting Kubernetes Configurations

- thenewstack.io kubernetes - January 08, 2025

Three years ago, Reddit's infrastructure engineers team spent most of its time putting out fires. Here's how developing a platform abstraction streamlined operations and put them back in charge.

NonEuclid RAT: C# malware offering remote access, antivirus bypass, and ransomware, active since November 2024.

IBM survey finds 99% of developers use coding tools with AI capabilities, but 33% have since identified a lack of AI development processes.

Top 5 Malware Threats to Prepare Against in 2025

- thehackernews.com - January 08, 2025

Lumma, XWorm, and LockBit posed serious threats in 2024. Learn how ANY.RUN's sandbox detects malware tactics, including ransomware encrypting 300 file

Mirai botnet variant exploits CVE-2024-12856 in Four-Faith routers, enabling 100 Gbps DDoS attacks across five nations.

The U.S. Cyber Trust Mark enhances IoT security with NIST standards, QR codes, and accredited testing.

CISA lists critical flaws in Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic (CVE-2020-2883).

Amazon Web Services (AWS) is excited to introduce an enhanced integration between AWS Resilience Hub and AWS Fault Injection Service that streamlines the process of creating and running chaos experiments. We'll focuses on how to leverage this integration through the AWS Command Line Interface (AWS CLI), catering to users who prefer command-line tools for automation […]

Amazon Web Services (AWS) is excited to introduce an enhanced integration between AWS Resilience Hub and AWS Fault Injection Service for facilitating the process of creating and running chaos experiments. We'll focus on how to leverage this integration through the AWS Management Console, offering a user-friendly, point-and-click approach. The console interface is ideal for those […]

2025 Brings Pressure for DevOps Teams To Showcase New Values

- thenewstack.io devops - January 07, 2025

DevOps proves its mission-critical role by aligning technical efforts with business outcomes.

Quali has added capabilities to its Torque platform for provisioning IT environments, including an AI copilot and a Cloud Curate tool.

Philadelphia, Pennsylvania, 7th January 2025, CyberNewsWire

Dragonfly v2.2.0 has been released

- cncf.io - January 07, 2025

Dragonfly v2.2.0 is released! 🎉🎉🎉 Thanks the contributors who made this release happend and welcome you to visit d7y.io website. The client is written in Rust, offering advantages such as ensuring…

By Patrice Chalin (CNCF), for the Docsy Steering Committee As we reflect on 2024, it's exciting to see steady progress toward the goals outlined in our 2024 priorities. This year…

Honeycomb.io's Austin Parker: OpenTelemetry In-Depth

- thenewstack.io kubernetes - January 07, 2025

In this interview from KubeCon, we learn about OpenTelemetry's move into CI/CD, as well as into other frameworks, libraries, cloud systems, and language standard libraries.

Ramat Gan, Israel, 7th January 2025, CyberNewsWire

Outdated BIOS firmware in Illumina iSeq 100 allows attackers to disable devices or install malware, threatening critical genetic research and vaccine

Legacy MFA, antivirus, VPNs, and password managers fall to advanced phishing, AI-driven malware, and zero-trust solutions, marking 2024 as a year of c

EAGERBEE malware targets ISPs and governments in the Middle East using stealthy, memory-resident backdoors.

Chinese hackers exploited BeyondTrust API keys in a major Treasury cyberattack; CISA confirms no wider federal impact.

Two severe vulnerabilities (CVE-2024-9138, CVE-2024-9140) in Moxa routers risk privilege escalation and command execution.

In this guide, we will look at the Prometheus setup on Kubernetes using a helm chart with all

In this blog, you will learn to integrate AWS Secrets Manager secrets into the EKS cluster using Secrets

AWS launches Asia Pacific (Thailand) Region with 3 Availability Zones, accelerating cloud adoption. Strategically located to meet data residency needs, it drives innovation across industries. Early AWS adopters in Thailand share transformative success stories. Get started now!

A Day in the Life of a Prolific Voice Phishing Crew

- krebsonsecurity.com - January 07, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang…

Configuring Amazon Application Recovery Controller (ARC) zonal autoshift observer notifications can be an enabler on your journey to architecting and operating resilient workloads on AWS, a key focus of the reliability pillar of AWS Well-Architected. AWS provides an array of design principles and services to guide users in building highly available and fault-tolerant architectures. A […]

Personalized Service Health at Palo Alto Networks

- GCP devops/sre blogs - January 06, 2025

Palo Alto Networks recently integrated Personalized Service Health signals into the incident workflow for its based PRISMA Access offering.

This blog was authored by Karthik Rajendran, Senior Solutions Architect (AWS) and Isha Dua, Senior Solutions Architect (AWS). The software architect's job is mostly one of trade-offs, weighing the considerations of different approaches and then choosing the one that strikes the best balance. Some architects are surprised to find that, in the AWS Cloud at least, architecting […]

Happy New Year! We are witnessing technology augment human ingenuity in inspiring ways. In the coming years, using technology for positive impact will redefine the way we think about success. Amazon CTO, Dr. Werner Vogels, offers five forward-looking tech predictions for 2025, and beyond: The workforce of tomorrow is mission-driven A new era of energy […]

Google Cloud customers can now track specific Cloud Abuse Events in Cloud Logging. Here's what you need to know.

A guide to JAX for PyTorch developers

- GCP compute blogs - January 06, 2025

PyTorch users can learn about JAX in this tutorial that connects JAX concepts to the PyTorch building blocks that they're already familiar with.

Amazon Macie is a managed service that uses machine learning (ML) and deterministic pattern matching to help discover sensitive data that's stored in Amazon Simple Storage Service (Amazon S3) buckets. Macie can detect sensitive data in many different formats, including commonly used compression and archive formats. However, Macie doesn't support the discovery of sensitive data […]

Parsing 101 with Fluent Bit

- cncf.io - January 06, 2025

Member post originally published on Chronosphere's blog by Sharad Regoti Fluent Bit is a super fast, lightweight, and scalable telemetry data agent and processor for logs, metrics, and traces.

India's draft DPDP Rules empower citizens with data rights, strict security mandates, and ₹250 crore penalties. Feedback open until Feb 18, 2025.

DevOps vs Agile: Key Differences - DevOps.com

- devops.com - January 06, 2025

Agile development and distributed operations can enhance development processes, adapt to market changes and ensure customer satisfaction.

To keep up to speed, every DevOps team needs to take a hard look at its processes and tech stack heading into the new year.

Stay ahead of the latest threats with our weekly cybersecurity updates. It's quick, simple, and keeps you safe.

SaaS threats soared in 2024, with 7,000 password attacks blocked per second, phishing up 58%, and $3.5 billion in losses. Misconfigurations are key vu

There are plenty of challenges throughout the SDL but one that has proven to be a make-it-or-break-it for projects is requirements management.

FireScam malware disguises as Telegram Premium, exploiting permissions for data theft and persistent device control

Building micro-frontend applications enables monolithic applications to divide into smaller, independent units, using React

New year, new job? Browse our weekly selection of job opportunities for DevOps professionals and find your next career move, in 2025.

As we advance into 2025, the inevitability of system failures doesn't have to spell disaster if organizations embrace a proactive approach.

Malicious npm packages impersonate Hardhat, exfiltrating private keys and mnemonics, with 1,092 downloads reported.

In today's world of software development, CI, CD, automated testing and IaaC are cornerstones of DevOps, ensuring rapid software delivery.

SRE Weekly Issue #458 – SRE WEEKLY

- sreweekly.com - January 05, 2025

We can never

CVE-2024-43405 in Nuclei allows signature bypass, enabling arbitrary code execution. Update to version 3.3.7 for critical fixes.

PLAYFULGHOST malware mimics Gh0st RAT with advanced spyware features, targeting users via phishing and SEO poisoning techniques.

U.S. sanctions Integrity Technology Group for aiding Flax Typhoon's state-sponsored hacks, targeting U.S. systems since 2021.

Ethical and Explainable AI Are Startup Imperatives in 2025

- thenewstack.io devops - January 03, 2025

Businesses are embracing generative AI but must address governance challenges to ensure ethical and explainable use.

See What WebAssembly Can Do in 2025

- thenewstack.io kubernetes - January 03, 2025

Looking ahead to 2025, it's anticipated that WebAssembly will see some real adoption beyond the sandbox projects presented at conferences.

Member post originally published on the yld blog by Afonso Ramos Remember when searching for information online involved typing in a few keywords and sifting through pages of results? Thankfully…

New Likert-scale-based AI jailbreak technique boosts attack success rates by 60%, highlighting urgent safety challenges.

LDAPNightmare PoC exploit crashes Windows Servers via CVE-2024-49113. Patch or monitor CLDAP responses to prevent DoS.

Microsoft migrates .NET installers to Azure Front Door as Edgio ends January 15, 2025. Action required: update domains by January 7, 2025.

Apple to pay $95M to settle a U.S. Siri privacy lawsuit; $20 per eligible device claimed.

Ambassador post originally published on Dev.to by Syed Asad Raza As cloud-native applications scale, securing workloads while maintaining performance becomes critical. This is where Cilium…

Developer Productivity in 2025: More AI, but Mixed Results

- thenewstack.io platform-engineering - January 02, 2025

In 2024, a mismatch emerged between leadership expectations about AI-assisted developer productivity and what devs actually need. What will this year bring?

The dust has settled after another re:Invent. I once again had the privilege of organizing the DevOps and Developer Productivity (DOP) track along with Jessie VanderVeen, Krishna Dalal, Megan Sattler and countless others. For 2024, the DOP track included 60 sessions. If you weren't able to attend, I have compiled a list of the on-demand […]

As we kick off 2025, I wanted to take a moment to highlight the top posts from 2024. Without further ado, here are the top 10 DevOps and developer productivity blog posts of 2024. Announcing CDK Migrate A single command to migrate to the AWS CDK – This blog post announces the general availability of […]

Three patched Dynamics 365 and Power Apps vulnerabilities exposed sensitive data, highlighting risks of API flaws.

Cross-domain attacks rise as adversaries exploit identity gaps. CrowdStrike Falcon delivers 85% faster threat responses with real-time visibility and

Malicious npm package 'ethereumvulncontracthandler' delivers Quasar RAT to Windows systems, bypassing sandbox defenses, with 66 downloads to date.

German prosecutors charged three Russian-German nationals for espionage and sabotage, targeting German-U.S. military facilities.

I completed my Kubernetes certification two years ago, and now it's time to recertify. I initially completed the

eBPF in 2025: Bigger Than the CrowdStrike Outage

- thenewstack.io observability - January 01, 2025

The Extended Berkeley Packet Filter has the potential to mitigate disasters like the Crowdstrike outage this past summer. In 2025, eBPF adoption will expand rapidly.

Istio Creators on Mistakes To Avoid for Any Project

- thenewstack.io service-mesh - January 01, 2025

Istio has set a new standard for service mesh in cloud native environments, but there were a number of stumbles along the way since it was created.

New "DoubleClickjacking" attack bypasses clickjacking protections by exploiting double-click timing gaps, enabling account takeovers.

ranian and Russian entities sanctioned for election interference using disinformation, AI tools, and cyber warfare.

What 2024's Data Told Us About How Developers Work Now

- thenewstack.io platform-engineering - December 31, 2024

The New Stack reported on a variety of survey-based research in 2024. Here are the takeaways most relevant to you as you plan for 2025.

Introduction In order to enforce best practices for governance and compliance across AWS accounts in a centralized way, AWS Control Tower is an easy place to start. However, ensuring continuous compliance requires regular drift detection and remediation, which Control Tower facilitates by providing a mechanism to detect drift and publish notifications to Amazon Simple Notification […]

Disaster recovery (DR) plays an important role in the overall business continuity strategy of an organization. When implementing a DR solution, you must understand business drivers along with any governance, security, and operational requirements that influence the final solution. For example, organizations may have a requirement to maintain different accounts for security isolation, control cost […]

Kubestronaut in Orbit: Sofonias Mengistu

- cncf.io - December 31, 2024

This week's Kubestronaut in Orbit is Sofonias Mengistu, a DevOps Engineer at Gebeya.INC based in Addis Ababa, Ethiopia. With 14 years of IT experience—five of those dedicated to cloud-native…

New DoJ rule halts sensitive data sales to adversaries like China, effective in 90 days, ensuring robust penalties and protections.

Cilium releases 2024 annual report

- cncf.io - December 30, 2024

Following a year of significant milestones in 2023, 2024 for Cilium was pivotal in that organizations are now leveraging the project to manage their entire Kubernetes networking stack.

Cross-posted from the OpenTelemetry blog by Adam Korczynski OpenTelemetry is happy to announce the completion of the Collector's fuzzing audit sponsored by the CNCF and carried out by Ada Logics.

Member post originally published on the Embrace blog by Francisco Prieto Cardelle As an Android developer, my first instinct for solving a bug, measuring performance, or improving the overall…

Palo Alto, Calif., USA, 30th December 2024, CyberNewsWire

Observability in 2025: OpenTelemetry and AI to Fill In Gaps

- thenewstack.io observability - December 30, 2024

Rapidly increasing maturity of generative AI technologies, wider usage of OpenTelemetry and pressure to trim costs will shape observability in the new year.

U.S. Army Soldier Arrested in AT&T, Verizon Extortions

- krebsonsecurity.com - December 30, 2024

Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by…

Happy 15th Anniversary, KrebsOnSecurity!

- krebsonsecurity.com - December 29, 2024

KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing security stories were about bad things happening to bad guys. It's…

SRE Weekly Issue #457 – SRE WEEKLY

- sreweekly.com - December 29, 2024

Ambassador post by Liam Randall, CNCF Ambassador and CEO, Cosmonic We recently had the opportunity to reflect on the state of platform engineering within large companies—and the role WebAssembly has…

Whither dashboard design?

- surfingcomplexity.blog - December 22, 2024

The sorry state of dashboards It's true: the dashboards we use today for doing operational diagnostic work are … let's say suboptimal. Charity Majors is one of the founders of Hon…

The Canva outage: another tale of saturation and resilience

- surfingcomplexity.blog - December 21, 2024

Today's public incident writeup comes courtesy of Brendan Humphries, the CTO of Canva. Like so many other incidents that came before, this is another tale of saturation, where the failure mod…

Announcing 1000 Kubestronauts

- cncf.io - December 20, 2024

CNCF is excited to share that since launching the Kubestronauts program less than a year ago, over 1000 Kubestronauts have joined the program. A special welcome to our 1,000th Kubestronaut…

OpenTelemetry.io 2024 review

- cncf.io - December 20, 2024

Project post originally published on the OpenTelemetry blog by Severin Neumann (Cisco), Patrice Chalin (CNCF), Tiffany Hrabusa (Grafana Labs) As 2024 draws to a close, we reflect on the year and share…

The Feds Push WebAssembly for Cloud Native Security

- thenewstack.io service-mesh - December 20, 2024

The U.S. government says WebAssembly could and should be integrated across the cloud native service mesh sphere in particular to enhance security.

Member post by Rohit Raveendran, Facets.Cloud What happens behind the scenes when a Kubernetes pod shuts down? In Kubernetes, understanding the intricacies of pod termination is crucial for…

Community blog post by Sascha Grunert, CRI-O maintainer The Node Resource Interface (NRI) allows users to write plugins for Open Container Initiative (OCI) compatible runtimes like CRI-O and…

Member post originally published on the InfraCloud blog by Aman Juneja, Principal Solutions Engineer at InfraCloud Technologies In recent years, we've witnessed two recurring trends: the release of…

Kubestronaut in Orbit: David Mukuzi

- cncf.io - December 17, 2024

This week's Kubestronaut in Orbit, David Mukuzi, is a DevOps Engineer in Nairobi, Kenya. David is driven by a deep-rooted enthusiasm for continuous learning and exploration of emerging technologies.

Member post originally published on KubeBlocks by Yuxing Liu As a popular short-form video application, Kuaishou relies heavily on Redis to deliver low-latency responses to its users.

Blog post originally published on the Middleware blog by Sri Krishna In the high-stakes environment of Black Friday, e-commerce platforms encounter intense traffic surges that can heavily strain…

Using Hubble for GKE Dataplane V2 observability

- GCP networking blogs - December 16, 2024

Hubble provides deep visibility with added Kubernetes context into network packet flow for organizations running Cilium-powered GKE Dataplane V2.

Quick takes on the recent OpenAI public incident write-up

- surfingcomplexity.blog - December 14, 2024

OpenAI recently published a public writeup for an incident they had on December 11, and there are lots of good details in here! Here are some of my off-the-cuff observations: Saturation With thousa…

Member post originally published on the Devtron blog by Prakarsh In the ever-evolving landscape of container orchestration, Kubernetes stands out as a powerful tool for managing and deploying…

The Open Source Technology Improvement Fund, Inc (OSTIF) is thrilled to mark another successful year of helping CNCF projects with security audits. Since this partnership began in 2021, a total of 13…

A brief look at network performance limiters

- GCP networking blogs - December 10, 2024

Learn about some of the common network performance limiters and how to tackle these issues head-on.

Member post originally published on Cerbos's blog by Omu Inetimi When building a secure application, there are plenty of factors to be considered. Who is allowed into the application…

In this post, we detail the concepts, processes, and steps to get started with policy as code (PaC) and adopt this into your software development lifecycle. PaC can improve your overall security posture, improve consistency of service usage across your organization, and reduce rework or workloads deployed to your AWS accounts.

Cloud Logging and Monitoring support Gemini for Google Cloud

- GCP devops/sre blogs - December 09, 2024

Cloud Logging now records Gemini for Google Cloud activity and Cloud Monitoring reports on Gemini for Google Cloud active users.

Your lying virtual eyes

- surfingcomplexity.blog - December 07, 2024

Well, who you gonna believe, me or your own eyes? – Chico Marx (dressed as Groucho), from Duck Soup: In the ACM Queue article Above the Line, Below the Line, the late safety researcher Richar…

Community post originally published on Dev.to by Sunny Bhambhani Introduction k9s is a terminal based GUI to manage any Kubernetes(k8s) cluster. Using this single utility, we can manage, traverse…

Ambassador post by Prithvi Raj, CNCF Ambassador and Community Manager at Mirantis As Kubernetes continues to grow as the de-facto orchestration platform for containerized applications and is massively…

Google Cloud Backup and DR Service for SAP HANA

- GCP storage blogs - December 06, 2024

Google Cloud's Backup and DR Service with Persistent Disk (PD) snapshot integration provides cost-effective DR with rapid recovery for SAP HANA.

Project post originally published on the Linkerd blog by William Morgan Today we're happy to announce the release of Linkerd 2.17, a new version of Linkerd that introduces several major new features…

Community post by Annalisa Gennaro At the beginning of this year, I fell apart. I found myself in pieces, struggling to say a single word without bursting into tears. I had severe sleep issues…

Member post originally published on Chronosphere's blog by Carolyn King, Head of Community & Developer at Chronosphere This week Fluent Bit maintainers are excited to announce the launch of Fluent Bit…

Google Cloud announces 41st cloud region in Mexico

- GCP infra blogs - December 04, 2024

Google Cloud is excited to announce the launch of its 41st cloud region in Querétaro, Mexico.

Kubestronaut in Orbit: Eyal Zekaria

- cncf.io - December 03, 2024

This week's Kubestronaut in Orbit, Eyal Zekaria is a Senior Cloud Architect in Berlin, Germany. Eyal has a DevOps and SRE background and has experience operating Kubernetes clusters at scale at…

Top 6 cloud computing trends for 2025

- cncf.io - December 03, 2024

Member post by Sameer Danave, Senior Director of Marketing, MSys Technologies I'm excited about our new project but overwhelmed by all the technological changes," one of our solution architects shared…

Member post originally published on the Middleware blog by Sanjay Suthar As your AWS environment expands—whether in terms of resources, the number of services, or even the scale of your team—managing…

MTTR: When sample means and power laws combine, trouble follows

- surfingcomplexity.blog - December 01, 2024

Think back on all of the availability-impacting incidents that have occurred in your organization over some decent-sized period, maybe a year or more. Is the majority of the overall availability im…

The Australia Connect initiative's Bosun subsea and terrestrial interlink cables will bring increased digital connectivity to the Indo-Pacific region.

Firewall Deployment Patterns - Digi Hunch

- digihunch.com - November 16, 2024

Firewall deployment an important design area in cloud networking infrastructure. This article reviews a few firewall deployment patterns

Improve data loading times for ML inference apps on GKE

- GCP storage blogs - November 13, 2024

When running AI/ML inference workloads on GKE, learn how to accelerate data loading for inference serving containers and downloading models + weights.

Dataplex discovers and catalogs Cloud Storage data

- GCP storage blogs - November 11, 2024

Dataplex can now automatically discover and catalog Google Cloud Storage data, extracting metadata, and creating BigQuery and BigLake tables.

Companies like ad-tech firm Verve are reducing latency, improving performance, and saving costs with C4 machines, GKE gateway, and custom compute classes.

As organizations increasingly adopt Amazon Elastic Kubernetes Service (Amazon EKS) to manage their containerized applications, implementing robust security measures and maintaining compliance become critical. The scalable and flexible nature of Amazon EKS has made it a popular choice for businesses seeking to streamline their application deployment and management processes. However, with this adoption comes the […]

Google's HEART framework helps platform engineers measure and improve developer experience - how developers feel about and interact with a platform.

This blog post guides you through implementing a generative AI intelligent chatbot using Amazon Bedrock and AWS services, including developer lifecycle changes. It covers creating a scalable chatbot infrastructure with Terraform, using services like Amazon Bedrock Agents, Amazon Bedrock Knowledge Bases, OpenSearch Service, Lambda, Amazon S3, and IAM. The focus on IaC and automation brings key DevOps benefits: version control, consistent deployments, reduced errors, faster provisioning, and improved collaboration.

Cloud Certifications for Learning? - Digi Hunch

- digihunch.com - October 09, 2024

What I have learned in the last six years to choose cloud certifications wisely in a market with a lot of certification exams

Tetrate, Bloomberg Collaborate on Envoy-Based AI Gateways

- thenewstack.io service-mesh - October 07, 2024

The flexible Envoy Gateway is finding a new role as an Artificial Intelligence gateway.

Tap the power of Google Cloud Networking and Network Security to protect workloads anywhere on the web, just like Project Shield does. Here's how.

Parallelstore combines a distributed metadata and key-value architecture to deliver high-performance throughput and IOPS for HPC and AI workloads.

Learn about Turbot's cloud scripting engine Flowpipe along with practical examples for automating cloud operations on AWS.

In Terraform we use loop to create an array of resources, using count or for_each. Both count and for_each have their respective use cases.

Learn how to get real-time notifications from AWS Security Hub and query for solutions in Slack, Microsoft Teams, or Amazon Chime using AWS Chatbot integrated with Amazon Q.

Istio 1.23 Drops the Sidecar for a Simpler 'Ambient Mesh'

- thenewstack.io service-mesh - August 19, 2024

This new edition of the Istio service mesh can be run without sidecars, simplifying deployments and, in some cases, even reducing latency.

We are excited to announce new data residency, sovereignty, security, and AI capabilities for the Google Cloud region in the Kingdom of Saudi Arabia.

Learn how to refresh AWS Secret Manager secrets in long-running Amazon ECS tasks through automation using a Lambda function and a CloudFormation resource.

Learn how to use Steampipe's AWS plugin to perform SQL queries on AWS API data directly from Steampipe or any Postgres or SQLite database.

Test Open ID Connect Flows Locally - Digi Hunch

- digihunch.com - August 05, 2024

Test Open ID Connect (OIDC) Flows involves several parties. This post discuss how to test the flows with all parties running locally.

Learn about best practices for AWS GovCloud (US) DevOps teams to consider as they work to maintain a secure infrastructure and adhere to compliance guidelines.

Can Cilium Be a Control Plane Beyond Kubernetes?

- thenewstack.io service-mesh - July 28, 2024

Thomas Graf, co-creator of Cilium, discusses how the eBPF-based tool fits in the broader networking landscape.

Learn how to deploy hybrid transactional and analytical services with Bigtable features like data boost, request priorities and write flow control.

IAM Roles for any workload - Digi Hunch

- digihunch.com - July 14, 2024

This post takes a deep dive into how IAM role works on EC2 instance and how IAM Role Anywhere extends the capability to any workload.

Google Cloud and Oracle Partner to accelerate cloud transformation with Oracle Database@Google Cloud.

DEVOPS WEEKLY ISSUE #700 - 2nd June 2024

- devopsweeklyarchive.com - June 02, 2024

Devops Weekly is going to take a break.

DEVOPS WEEKLY ISSUE #699 - 26th May 2024

- devopsweeklyarchive.com - May 26, 2024

Platform engineering, establishing a center of production excellence, measuring the DORA metrics and tools for generating tests and writing bash. Oh, and a job opportunity that I'm hiring for in my team at the moment.

DEVOPS WEEKLY ISSUE #698 - 19th May 2024

- devopsweeklyarchive.com - May 19, 2024

This week we have posts on APIs, behind the scenes of a large production infrastructure, speeding up monorepo builds and tools for managing feature flags and a new programming language for large scale data processing.

DEVOPS WEEKLY ISSUE #697 - 12th May 2024

- devopsweeklyarchive.com - May 12, 2024

This week we have a range of posts covering API specification languages, log formats and CI/CD pipelines as well as tools for building development environments and working with Terraform.

DEVOPS WEEKLY ISSUE #696 - 5th May 2024

- devopsweeklyarchive.com - May 05, 2024

The DORA survey is back this week, along with posts on Jevons paradox, monitoring and testing ML models, reliability and service architecture and more.

DEVOPS WEEKLY ISSUE #695 - 28th April 2024

- devopsweeklyarchive.com - April 28, 2024

A short issue this week, with some interesting posts on observability and incident response, devops community and naming.

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

- devopsweeklyarchive.com - April 21, 2024

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

- devopsweeklyarchive.com - April 14, 2024

I've been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts from January, February and March was in order.

DEVOPS WEEKLY ISSUE #692 - 7th April 2024

- devopsweeklyarchive.com - April 07, 2024

Lots of KubeCon EU wrapup posts this week, along with new developer and operator tooling for incidents, developer productivity and API documentation.

DEVOPS WEEKLY ISSUE #691 - 31st March 2024

- devopsweeklyarchive.com - March 31, 2024

eBPF, OIDC, A 20 year journey to fixing profiling, a platform maturity model and a range of other topics this week.

Best of 2023: The End of Programming Is Nigh

- thenewstack.io operations - December 28, 2023

Matt Welsh shares his perspectives about the future of computer science, distributed computing, and if ChatGPT and GitHub Copilot represent the beginning of the end of programming.

What Do You Know about Your Linux System?

- thenewstack.io operations - April 03, 2023

A look at the process to get insight into supported system calls and features and to assess how secure a system is and its runtime activity.

The Hidden Costs of 'Free' Internal Developer Portals

- thenewstack.io operations - January 12, 2023

Why pay for a dev tool if you can deploy a free alternative? As we'll illustrate here, the free-IDP approach costs way more than you think.

How Not to Waste a Senior Hire

- thenewstack.io operations - December 21, 2022

So you've hired a senior developer. Now they should start doing their magic, right? But it's not so simple, and it can all end up surprisingly disappointing.

SRE Fundamentals: Differences Between SLI vs. SLO vs. SLA

- thenewstack.io operations - November 17, 2022

These acronyms represent ways to quantify your commitments to system uptime and measure how successfully your site reliability engineering team is meeting them.