Someone collected 3,600 Google API keys, pointed an AI at them, and Google paid out $500,000. The payout isn’t the interesting part. It’s how many of those keys should never have worked at all.

A separate group gained access to high-profile Instagram accounts this week without writing a single exploit. They just asked Meta AI for access. It said yes.

And while two companies were learning what their AI would hand to a stranger, AWS shipped one agent that reads your bill and another that diagnoses your EKS nodes before you’ve finished reading the alert.

Notice the pattern. The more we wire agents into internal tools, the more of them reach for things nobody actually gave them permission to touch, and most of those connections have no auth and no record of who asked. That’s the gap Zuplo’s MCP Gateway closes.

In the tutorials: why a plain web page can turn ChatGPT’s own output into a phishing link, how to let Terraform auto-apply without losing sleep, and the reason your Claude Code security review keeps missing the bug in the same session you wrote it.

On video: Anthropic spent a year warning everyone about AI, then shipped Fable 5. Plus real lessons from engineering teams shipping on Claude.

Then seven devtools worth a look, including a server monitor, a self-hosted Postgres with instant branching, and an AI agent that runs entirely off a USB stick.

Your MCP servers have no security. Fix that

AI agents are connecting to your internal tools, and most MCP servers ship with no auth and no audit trail. Zuplo's MCP Gateway puts OAuth, structured audit logs, and centralized access control in front of them - Lock it down.

Newsworthy stories

• Hacking Google with AI for $500,000

• AWS fired the one employee who gave a damn

• Announcing the public preview of AWS FinOps Agent

• Hackers simply asked Meta AI for access to high-profile Instagram accounts

• Scaling Zero Copy from 1 trillion to 120 trillion rows with file federation

• How CockroachDB built vector indexing at scale

Tutorials of the week

• The architecture of a file tree that never freezes

• Safe Terraform auto-apply with conftest

• Your infrastructure repo is a mess (here’s how to fix it)

• Diagnose EKS Node issues faster with AWS DevOps Agent

• Lessons from building Claude Code: how we use skills

• ChatGPT markdown rendering vulnerability

• Hosting coding agents on Amazon Bedrock AgentCore

• EXPLAIN prettier, or post-processing query plans in Postgres

• Hidden gaps in Claude Code security reviews

• How to avoid rebuilding infrastructure for every new project

Videos of the week

Projects of the week

• Tabularis runs SQL notebooks, visual EXPLAIN plans, and an MCP server against Postgres, MySQL, and SQLite.

• Beszel monitors CPU, memory, disk, network, GPU, and Docker stats with alerts and history.

• doco-cd auto-deploys your Docker Compose projects and Swarm stacks straight from Git via webhooks.

• NeonD gives self-hosted Postgres instant branching, S3 durability, and point-in-time recovery.

• HelixDB stores both graph and vector data in a single OLTP engine for AI apps.

• Hermes-USB-Portable runs a self-contained AI agent off a USB drive with zero host dependencies.

Meme of the week

Three things happened this week that should bother you more than they probably do.

You can delete a Google API key and it keeps authenticating. You can have your GitHub token stolen in a single click without installing anything shady. And the Kubernetes Dashboard you’ve leaned on for years is being shown the door, with a replacement most people haven’t tried yet.

None of these are edge cases. They’re the kind of quiet shifts that don’t make the front page until they’ve already cost someone a weekend. Below: what’s actually going on with each, the supply chain secrets sitting on your dev laptop right now, why your AI-written incident reviews keep getting the root cause wrong, and 8 tools worth a look before Friday.

Speaking of catching things early: this week’s sponsor, Mendral, flagged a supply chain attack two weeks before it went public. It’s built by Docker and Dagger veterans and already chews through 1.18B log lines a week at PostHog.

Platform engineering on autopilot

Mendral is an autonomous AI DevOps engineer that handles the work your engineers shouldn’t be doing manually anymore: supply chain security, flaky CI, slow builds, and anything else specific to your stack - Try it out!

Newsworthy stories

• From Kubernetes Dashboard to Headlamp

• Google API keys keep working after you delete them

• I read the viral “Leaving AWS” post twice. Most of it is a skill issue

• The problem with AI-generated post-incident reviews

• You shipped it fast. But did you ship it right?

• AI through IaC, not instead of it

Tutorials of the week

• 1-click GitHub token stealing via a VSCode bug

• From Jira to PR: how we built agent-driven pipelines for design system changes

• Build an EKS environment factory with Pulumi and vCluster

• Well-architected best practices for software supply chain security

• Migrating from Go to Rust

• Detecting and removing dangerous secrets on dev workstations before Shai-Hulud does

• Securing your Gemini and Google API keys

• Handling graphs with SQL/PGQ in PostgreSQL

Videos of the week

Projects of the week

• Git Concepts Simulator is a browser game that teaches Git by letting you run commands and watch files move between the working directory, staging area, and remotes.

• Bumblebee is a Go read-only scanner from Perplexity that inventories packages and extensions across 9+ ecosystems to flag known-compromised software.

• GitHub Desktop Plus is a community fork of GitHub Desktop, adding multi-account support, Git worktrees, and commit search.

• Sandboxes is a Go engine for self-hosted cloud dev environments with built-in AI agents and live preview URLs, running on Docker with no Kubernetes.

• Mercek is a local-first desktop IDE for Amazon ECS with multi-account discovery, ECS Exec shell access, and Fargate right-sizing, read-only by default.

• Paseo is a control plane for running multiple AI coding agents (Claude Code, Codex, Copilot) in parallel across mobile, desktop, and CLI, fully self-hosted.

Meme of the week

On the tutorial side, a practical guide walks through Terraform state isolation using workspaces versus file layouts with S3 backends, and a case study on cutting a $140K Snowflake bill to $38K in three months using auto-suspend tuning, clustering keys, and query profile analysis. For system design, a deep dive into building S3-style object storage covers metadata/data separation, erasure coding, multipart uploads, and compaction. Plus a full K8s scheduling breakdown that traces the filter/score/bind loop with debugging playbooks for when your pod goes Pending.

For videos this week: a personal take on how AI has reshaped the day-to-day coding workflow, and a practical walkthrough of running LLMs on Kubernetes with LLMKube.

This week’s open source picks include Pullfrog, a TypeScript GitHub bot that triggers AI coding agents inside GitHub Actions via PR comment mentions; pgGraph, a Rust PostgreSQL extension that adds graph traversal to relational tables without a separate graph database; and Pathfinding Cloud Labs, a catalog of 100+ hands-on AWS IAM privilege escalation scenarios with a plabs CLI. Also worth checking: KeyLedger for unified AI API key management with health scoring, Murr for zero-copy ML inference caching on RocksDB, and ktx, a TypeScript/Python MCP context layer that helps AI agents query Snowflake and BigQuery accurately.

Newsworthy stories

• AWS restored my account: the human who made the difference

• GitHub Actions outage told devs “your account is suspended”

• How an attacker used LLMs to move from a CVE to an internal database in 4 pivots

• Rising AI spend turns FinOps into a boardroom strategist

• Gemini 3.5 deleted 28,745 lines, broke production, then fabricated the post-mortem

• Postgres is all you need for durable workflows

• How AWS DevOps agent uses multi-agent reasoning to find root causes

Tutorials of the week

• Terraform state isolation: how I kept dev, staging, and production from destroying each other

• ISO 27001 on AWS: building compliance into the architecture

• I inherited a $140K Snowflake bill. 3 months later, it was $38K. Here’s everything I learned

• Design S3 object storage like a senior engineer

• AI-powered event-driven Amazon EKS AMI updates with GitOps

• Automating security operations with AI: triaging Renovate PRs

• Where did my pod go? A deep dive into K8s scheduling

• Governing infrastructure as code using pattern-based policy as code

Videos of the week

Projects of the week

• Pullfrog is a model-agnostic GitHub bot that triggers AI coding agents inside GitHub Actions via PR/issue comment mentions, no separate infrastructure needed.

• KeyLedger is a TUI dashboard for managing AI provider API keys across OpenAI, Anthropic, AWS IAM, Google Cloud, and Mistral.

• pgGraph is a Rust PostgreSQL extension that adds graph traversal and shortest-path queries directly to relational tables via SQL.

• Pathfinding Cloud Labs is a catalog of 100+ hands-on AWS IAM privilege escalation labs across EC2, Lambda, ECS, SageMaker, and cross-account scenarios.

• Murr is a Rust RocksDB-backed caching layer for ML inference that manages tiered storage across RAM, NVMe, and S3 with zero-copy conversion.

• HeidiSQL is a GUI database client that supports MariaDB, MySQL, PostgreSQL, SQL Server, SQLite, Interbase, and Firebird.

• ktx is an MCP context layer that helps AI agents query data warehouses accurately by ingesting metric definitions and schema metadata from dbt, LookML, Looker, Metabase, and Notion.

Meme of the week

The team behind Docker and Dagger built Mendral, an autonomous AI DevOps engineer that investigates root causes across your repos, CI logs, Dockerfiles, and IaC, then ships fixes as reviewable PRs. Worth a look if supply chain security or slow CI is eating your engineers’ time.

A malicious VS Code extension granted attackers access to 3,800 GitHub repositories this week, raising fresh questions about extension trust in developer toolchains. Docker Sandbox’s undocumented microVM API was fully reverse-engineered and documented by the Rivet team; Terraform 1.15 landed with dynamic source references and variable deprecation; and Anthropic engineers are dropping Markdown in favor of raw HTML when building with Claude Code.

On the tutorial side: security researchers show exactly how malicious skills and agents can compromise Claude Code, Teads walks through cutting BigQuery slot usage by 90% after a production outage, there’s a deep-dive into building a distributed search engine in pure Go, and a postmortem on how unused Postgres indexes silently ate 41GB. Plus canary deployments with AWS SAM, root cause analysis with the AWS DevOps Agent, and Bedrock API key security.

For videos this week: how a single PR nearly hijacked the NPM registry, and a candid take on what moving too fast in software actually costs you.

This week’s projects include SCAM, a 1Password benchmark that tests AI agents’ security awareness in real-world workplace scenarios; pgsqlite, a Postgres wire protocol adapter for SQLite; swamp, a CLI for building reviewable AI agent workflows stored in Git; and capsule, a multi-tenancy framework for Kubernetes.

The team behind Docker and Dagger built an AI DevOps engineer

Mendral is an autonomous AI DevOps engineer that handles the work your engineers shouldn't be doing manually anymore: supply chain security, flaky CI, slow builds, and anything else specific to your stack.

It investigates root causes across your repos, CI logs, Dockerfiles, lockfiles, and IaC, then ships the fix as a reviewable PR - pinning CVEs, killing flakes, tuning cache layers, and upgrading dependencies without taking your engineers off product work - Try it out!

Newsworthy stories

• LLMs are good at SQL. We gave our terabytes of CI logs

• The request is the wrong unit of scale for LLMs on Kubernetes

• We reverse-engineered Docker Sandbox’s undocumented microVM API

• GitHub confirms breach of 3,800 repos via malicious VSCode extension

• Open in VSCode for Terraform in Azure Copilot

• How Anthropic engineers are building with Claude

Tutorials of the week

• Identifying security risks using AWS Cost and Usage Report data

• Live canary deployments with AWS SAM

• Mounting Git commits as folders with NFS

• Automate root cause analysis across Datadog and Elasticsearch with AWS DevOps Agent

• Compromising Claude Code with malicious skills and agents

  

• Building a distributed search engine in pure Go

• How we cut BigQuery slot usage by 90%

• AWS Bedrock security guide: API keys, detection, and response

• How unused indexes ate 41GB of Postgres storage

• Best practices for computer and browser use with Claude

Videos of the week

Projects of the week

• pgsqlite is a PostgreSQL protocol adapter for SQLite, allowing any PostgreSQL client to connect to and query SQLite databases over the standard wire protocol.

• SCAM is a benchmark from 1Password that tests AI agents’ security awareness through realistic, multi-turn workplace scenarios.

• snipe-it is an IT asset and license management system.

• changedetection.io is a website change-detection tool that alerts you when content, prices, or stock levels change.

• swamp is a CLI that supercharges AI agents to build reviewable, shareable operational workflows, stored as versioned YAML in a Git directory.

• capsule is a multi-tenancy and policy framework for Kubernetes that enforces namespace isolation and resource policies across tenant clusters.

• git-switch is a native Git client that runs dev servers directly from the UI.

Meme of the week

On the tutorial side: zero-downtime blue-green frontend deploys on a single EC2 instance with Docker and Nginx, a ten-control GitHub Actions security checklist for surviving supply chain attacks, a breakdown of how Docker’s ONBUILD directive becomes a hidden attack vector in base images, Anthropic’s own guide to running Claude Code in large codebases, a walkthrough of automating dev workflows with MCP, schema validation for Terraform input configs using CUE, and querying Redis with plain SQL.

For videos this week: an argument for why Jenkins is now effectively dead, and a look at the single hottest programming skill to have in 2026.

This week's open source picks include deepsec, a Vercel Labs scanner that runs coding agents across microVMs to find vulnerabilities in large repos; coroot, an eBPF observability platform with zero-instrumentation telemetry and AI root cause analysis; dockhand, a Docker management UI on a hardened Wolfi OS layer; re_gent, version control for AI coding agents that records which prompt wrote each line; petri, a drop-in PostgreSQL replacement that hands every test its own isolated database; tfrev, a Claude-powered reviewer that flags dangerous Terraform plan mismatches; and workshop, a local debugger for coding agents that streams traces and self-heals failing code.

Newsworthy stories

• Your container is not a sandbox

• AI load breaks GitHub, why not other vendors?

• What’s gone wrong at GitHub?

• Why I’m leaving GitHub for Forgejo

• AI assistants are leaking your conversations

• The (in)security landscape of AI-powered GitHub Actions

• Everything you know about scaling web apps breaks when you serve an LLM

• How we replaced Ingress-NGINX at Stack Overflow

• Top 15 CI/CD metrics

• The danger of multi-SSO AWS Cognito user pools

Tutorials of the week

• GitHub Actions security checklist for supply chain attacks

• Schema validation for Terraform input configuration

• Use Redis with SQL

• Zero downtime frontend deploys with blue-green on a single EC2

• Unmasking the Docker ONBUILD supply chain attack vector

• How Claude Code works in large codebases

• Automate your dev workflows with MCP

• Inbox and outbox patterns for reliable event processing

• My favorite Go backend architecture pattern

Videos of the week

Projects of the week

• deepsec runs coding agents across microVMs to scan large repos for vulnerabilities, resuming where it left off after interruptions.

• coroot is an eBPF-based observability platform with zero-instrumentation metrics, logs, traces, and AI-powered root cause analysis.

• dockhand is a Docker management UI for container orchestration, Compose stacks, and Git-based deployments.

  

• re_gent is version control for AI coding agents that records which prompt wrote each line, with rgt log, rgt blame, and rgt show.

• petri is a drop-in PostgreSQL replacement that gives every test its own isolated, seeded database with no cleanup or shared-state flakiness.

• tfrev uses Claude to review Terraform plans against code changes and flag intent mismatches like a tag edit triggering a full destroy and recreate.

• workshop is a local debugger for coding agents that streams traces in real time, writes evals, and self-heals failing code until assertions pass.

Meme of the week

IaCConf 2026 is this edition’s sponsor, a virtual event on May 14th that brings together platform engineering leaders to discuss what happens to your platform abstractions and metrics when AI becomes a first-class consumer of your infrastructure.

On the news side, a direct argument that Terraform is now obsolete, as LLM can translate intent into infrastructure without an intermediate DSL. One engineer left port 22 open on the internet for 54 days and documented exactly who showed up. AWS shipped S3 Files, a native NFS layer that lets Lambda, EKS, and EC2 mount S3 buckets as shared filesystems without changing application code. Researchers using AI tools found RCE vulnerabilities in PostgreSQL’s pgcrypto extension and MariaDB’s JSON validation logic that had been sitting there for over 20 years, with patches now out for both. Postman shared how they scaled security reviews across engineering without creating a bottleneck. Google published its official BigQuery threat model covering 14 attack vectors, including privilege escalation and data exfiltration.

On the tutorial side: a SQL learning game built around Squid Game’s format with 9 progressive levels, a PCI-DSS compliant GKE framework walkthrough for financial institutions, building a serverless AI agent code review system on top of AWS S3 Files and Lambda, a step-by-step guide to fixing CrashLoopBackoff in Kubernetes, Cilium’s CI/CD security lessons from running a large open source project, Slack’s migration of 700+ EMR pipeline jobs from SSH to REST with zero downtime, and a practical look at stopping Claude Code from leaking sensitive data using Cedar policy-as-code.

For videos this week: on networking concepts every DevOps engineer needs to know, and a deep dive into why the GitHub situation just got worse.

This week’s open source picks include late.sh, a Rust SSH terminal with real-time chat, lofi streaming, and games on a PostgreSQL backend; frak, a Node.js CLI that deploys files over rsync with interactive diffs and post-deploy hooks; Sn1per, an offensive security platform in Shell and Lua orchestrating 90+ tools with 600+ exploits in a single Docker workspace; GreptimeDB, a Rust observability database unifying metrics, logs, and traces as a drop-in for Prometheus, Loki, and Elasticsearch at 50x lower storage cost; waffle, a Go CLI that runs AWS Well-Architected reviews against Terraform files via Amazon Bedrock; and graphify, a Python tool that turns codebases, docs, PDFs, and videos into knowledge graphs for Claude Code, Cursor, and GitHub Copilot.

Your Platform Engineering playbook needs an AI rethink

Join the sharpest minds in platform engineering from Google, AHEAD, Mondelez, & Weave Intelligence to learn if the metrics, abstractions, and practices you’re relying on today will still hold up as AI becomes a first-class consumer of your platform.

Register Now - May 14th

Newsworthy stories

• Terraform is dead

• I left port 22 open on the internet for 54 days, here’s who showed up

• S3 is not a filesystem, but now there’s one in front of it

• AI sandboxing is having its Kubernetes moment

• How we scaled security reviews without slowing down engineering

• S3 is the perfect place to store data, until you try to search it

• BigQuery threat model report

• AI finds 20-year-old bugs in PostgreSQL and MariaDB

• Trunk-based development: your pull requests are still too big

Tutorials of the week

• SQL Squid Game

• Building a PCI-DSS compliant GKE framework for financial institutions

• Lambda just got a file system. I put AI agents on it

• Building an MCP server using PostgreSQL

• How do I fix CrashLoopBackoff in Kubernetes?

• Building secure PII encryption at scale

• Securing CI/CD for an open source project

• A security-driven modernization of Slack’s EMR data pipelines

• How to stop Claude Code from leaking sensitive data

Videos of the week

Projects of the week

• late.sh is a Rust-based terminal social platform over SSH with real-time chat, lofi streaming, and shared TUI games.

• frak is a Node.js CLI that deploys files to remote servers via rsync over SSH with interactive diffs and post-deploy hooks.

• Sn1per is a Shell/Lua offensive security platform consolidating recon, scanning, exploitation, and reporting across 90+ tools in one Docker workspace.

• GreptimeDB is a Rust observability database that unifies metrics, logs, and traces as a drop-in replacement for Prometheus, Loki, and Elasticsearch.

• waffle is a Go CLI that runs AWS Well-Architected Framework reviews against Terraform files via Amazon Bedrock.

• ai-dba-workbench is a Go/TypeScript PostgreSQL monitoring platform with AI anomaly detection and natural language cluster queries via MCP.

• git-commands-cheatsheet is a zero-dependency HTML reference covering 115 Git commands.

• graphify is a Python tool that turns codebases, docs, PDFs, and videos into queryable knowledge graphs for Claude Code, Cursor, and GitHub Copilot.

Meme of the week

TeamCity 2026.1 introduces a set of focused improvements that make your CI/CD more intuitive, intelligent, and enterprise-ready.

Werner Vogels published a detailed look at the engineering behind Lambda’s network. On the security side, GitHub Actions is identified as the weakest link in your CI/CD chain, with a thorough breakdown of how supply chain attacks can move through workflows. Cloudflare shared the internal AI engineering stack they actually run, including how they’re orchestrating AI code review at scale across their own engineering org. Halodoc documented their migration of AWS MSK from ZooKeeper to KRaft using a canary approach, and one team explains why Dockerfile practices cost you before they ever become a security problem.

On the tutorial side: a $1,432 to $233/month hosting cut by moving from DigitalOcean to Hetzner with zero downtime, Terraform module design via an AI agent skill built around design decisions first and code generation second, a detailed argument that Terragrunt’s run-all is broken beyond repair by multi-state transactions, benchmarking workflow execution scalability on Postgres, building a production MCP server in Go, auto-diagnosing Kubernetes alerts with HolmesGPT, and Cloudflare’s own AI code review pipeline in depth.

For videos this week: a practical terminal setup combining Tmux, btop, and GPU monitoring into a single system monitoring workflow, a real-world look at what a billion database rows actually looks like in production, and an investigation into why companies spend millions buying GitHub stars.

This week’s open source picks include JuiceFS, a Go-based POSIX file system that stores data in S3 and metadata in Redis or MySQL with 10x the sequential throughput of EFS; Gatus, a Go health dashboard that monitors over HTTP, TCP, DNS, gRPC, and 40+ alerting integrations; kured, the CNCF Sandbox Kubernetes daemonset that automates safe node reboots using API server locking; and RedAI, a TypeScript and Python workbench that validates AI-discovered vulnerabilities in live browser and simulator environments before generating reports.

AI, Pipelines, and Enterprise CI/CD

TeamCity 2026.1 introduces a set of focused improvements that make your CI/CD more intuitive, intelligent, and enterprise-ready. Join us on May 12th for a live walkthrough of the latest updates, including the new TeamCity CLI and MCP support!

Newsworthy stories

• The invisible engineering behind Lambda’s network

• GitHub Actions is the weakest link

• The AI engineering stack we built internally

• Dockerfile practices are a DevOps tax before they are a security concern

• Migrating AWS MSK from ZooKeeper to KRaft

Tutorials of the week

• Terraform module design is the hard part, so I built an agent skill for it

• Migrating from DigitalOcean to Hetzner: from $1,432 to $233/month with zero downtime

• Terragrunt is dead: multi-state transactions killed run-all

• Does Postgres scale?

• Orchestrating AI code review at scale

• My Claude Code setup

• AWS DevOps Agent: your AI SRE is now on call

• Auto-diagnosing Kubernetes alerts with HolmesGPT and CNCF tools

• Dockerizing a Java 26 project with Docker Init

• Building a production MCP server in Go

Videos of the week

Projects of the week

• JuiceFS is a Go-based POSIX distributed file system that stores data in S3 and metadata in Redis or MySQL, with 10x more throughput than EFS.

• Gatus is a Go health dashboard that monitors services over HTTP, TCP, DNS, gRPC, and SSH with 40+ alerting integrations.

• winpodx is a Python tool that runs Windows apps as native Linux windows using FreeRDP RemoteApp and a containerized Windows instance.

• kured is a Go Kubernetes daemonset that safely reboots nodes one at a time using API server locking. CNCF Sandbox project.

• RedAI is a TypeScript/Python workbench that uses AI agents to find and validate vulnerabilities in live browser and simulator environments.

• Rocky is a Rust control plane for data warehouse pipelines with column-level lineage, schema drift detection, and compile-time data contracts.

Meme of the week

Bright Data CLI gives coding agents (Claude Code, Cursor, Copilot) real-time web scraping and structured data extraction from 40+ platforms, directly from the terminal, at 10-32x the cost of MCP for equivalent tasks.

Sysdig documented how CVE-2026-33626 enabled a published LMDeploy advisory to become a working SSRF exploit within 12.5 hours, with attackers probing for AWS IMDS credentials, Redis, and MySQL endpoints. Palo Alto’s Unit 42 took it further, publishing findings from building an autonomous AI agent that attacks cloud infrastructure on its own. Wiz published a detailed GitHub Actions threat model, and Synthesia shared what actually moved the needle when scaling vulnerability management with AI.

On the tutorial side, we cover migrating from Ingress NGINX to Traefik or Gateway API without the usual pain, building eBPF-based bandwidth limiting in the AWS Network Policy Agent, deploying Docker apps to Linux with K3s, and using Claude Code for DevSecOps on AWS. Plus: automating incident investigation with the AWS DevOps Agent.

This week’s open source picks include clawsec, a security suite that protects AI agents from prompt injection; pmg, a Go-based package manager guard that blocks malicious npm, pip, and yarn packages before they run; pgweb, a zero-dependency Postgres web UI that ships as a single Go binary; and GreenKube, a Python tool for tracking and reducing the carbon footprint of Kubernetes clusters.

Your AI agent can’t see the web. Fix that in 30 seconds.

Bright Data CLI gives coding agents (Claude Code, Cursor, Copilot) real-time web scraping, search, and structured data extraction from 40+ platforms - directly from the terminal. One command. No MCP overhead. No schema bloat. 10-32x cheaper than MCP for equivalent tasks - Check out the GitHub repo

Newsworthy stories

• Primer on GitHub Actions security

• Can AI attack the cloud?

• Most devs ignore git worktree

• ISO 27001 on AWS: building compliance into the architecture

• Scaling vulnerability management with AI: what actually worked

• The engineering manager’s attention budget

Tutorials of the week

• Automating incident investigation with AWS DevOps Agent

• Migrate from Ingress NGINX to Traefik or Gateway API in minutes, not days

• A better way to deploy a Docker app to a Linux server

• A framework for securely collecting forensic artifacts into S3 buckets

• The Claude Code DevSecOps shift on AWS

• Building eBPF-based bandwidth limiting in AWS Network Policy Agent

• How attackers exploited LMDeploy LLM inference engines in 12 hours

Videos of the week

Projects of the week

• clawsec is a security skill suite for AI agents that defends against prompt injection and provides dedicated protection modules for OpenClaw, NanoClaw, and Hermes.

• xata is a cloud-native platform for self-hosting Postgres on Kubernetes with copy-on-write branching (copy TBs in seconds).

• clauditor is a security scanner that audits Claude Code configuration across user, project, local, and managed scopes with 50+ built-in checks, severity ratings, and a hardened settings generator for CI/CD pipelines.

• pmg is a Go-based package manager guard that intercepts npm, pip, yarn, pnpm, bun, and uv installations to block malicious packages using real-time threat intelligence.

• ml-intern is an autonomous ML engineer agent that reads papers, trains models, and ships through a 300-iteration agentic loop.

• pgweb is a web UI for PostgreSQL that ships as a single binary with no dependencies, supporting SSH tunnels, multiple concurrent sessions, and data export.

• GreenKube is a tool for monitoring and reducing the carbon footprint of Kubernetes clusters.

Meme of the week

IaCConf 2026 is back on May 14, free and virtual. Corey Quinn is keynoting on AI writing Terraform code, and if that’s part of your stack, it’s worth the two hours.

Wiz traced a GitHub Actions supply chain campaign to six accounts pushing AI-generated malicious packages under the prt-scan name. A researcher also found that Claude Code’s deny rules are silently bypassed when the token cost of running security checks gets too high. Cloudflare shipped Artifacts, versioned storage that speaks Git and targets agent workflows, and Duolingo walked through migrating 500+ backend services from ECS to EKS with Argo CD and IPv6-only pod networking.

On the tutorial side: Grafana’s Kubernetes monitoring Helm chart v4, deploying MCP servers on Amazon ECS, how Slack manages context in long-running agentic applications, Cloudflare’s reference architecture for safer enterprise MCP deployments, and a straight question: do you even need a database?

Open source this week includes codeburn, a terminal dashboard tracking AI coding token costs across Claude Code, Codex, Cursor, and Copilot, tigerfs for mounting PostgreSQL as a filesystem you can browse with ls and cat, mergetopus for parallelizing large Git merges across multiple developers, and aimock, a single-package mock for LLM APIs, MCP, vector DBs, and search.

Join the IaCConf 2026 Keynote: “AI Speaks Terraform Like a Tourist”

Nobody calls out cloud infrastructure nonsense quite like Corey Quinn. If your team is using AI to write infrastructure code, you NEED to come hear this. Join us for his keynote at the free virtual conference built for engineers who manage infrastructure at scale - Grab your free spot

Newsworthy stories

• Inside the prt-scan supply chain campaign

• How GitHub uses eBPF to improve deployment safety

• The AWS Lambda “kiss of death”

• I imported the Linux kernel into PostgreSQL

• Versioned storage that speaks Git

• Duolingo’s Kubernetes leap

• Critical Claude Code vulnerability

• Vulnerability research is cooked

Tutorials of the week

• Kubernetes monitoring Helm chart v4

• Using GitHub Copilot to write unit tests fast

• The Claude Code DevSecOps shift on AWS

• Transforming FinOps with the latest Amazon Q cost capabilities

• Do you even need a database?

• Deploying MCP servers on Amazon ECS

• Managing context in long-run agentic applications

• Reference architecture for enterprise deployments of MCP

• A GitHub agentic workflow

• Multi-agent system reliability

Videos of the week

Projects of the week

• pompelmi is a minimal Node.js wrapper around ClamAV that scans any file for malware.

• hiraeth is a local AWS emulator built for fast SQS integration testing, with SQLite state persistence and a built-in web debugging interface.

• codeburn is a terminal UI dashboard that tracks AI coding token usage and costs across Claude Code, Codex, Cursor, and GitHub Copilot.

• mergetopus is a tool that untangles complex Git merges by splitting conflicted files into parallel slice branches, letting multiple developers resolve different conflicts at the same time.

• tigerfs is a Go filesystem interface backed by PostgreSQL that lets you mount a database and browse it with standard Unix tools.

• osv.dev is Google’s open source vulnerability database and triage service, tracking vulnerabilities across multiple package ecosystems.

Meme of the week

Noros connects to your AWS, GCP, and Azure accounts in 5 minutes and answers questions like “why did my spend spike this month?” in seconds. DevOps Bulletin readers get a free month at launch.

This week, BeyondTrust uncovered a command injection flaw in OpenAI Codex that exposed GitHub tokens, and Claude Code’s source code was leaked through npm source maps. Giant Swarm detailed how they live-migrated hundreds of Kubernetes clusters to the Cluster API with zero downtime.

On the tutorial side: AWS launched S3 Files to let you mount buckets as file systems; Ingress NGINX hit EOL, and Datadog walks through migrating to Kubernetes Gateway API; SpecterOps shows how Claude Code raises the bar for secure code reviews in pentesting engagements. Plus: why you should never let AI near your production database, how Slack replaced custom network tooling with Prometheus for HTTP/3 readiness, a complete Terraform setup for EKS Auto Mode, and the Git commands worth running before touching any unfamiliar codebase.

This week’s open source picks include PentAGI, a fully autonomous AI pentest agent in Go with 14.7k stars; Gardener, which manages Kubernetes clusters at scale across any infrastructure using hosted control planes; keeper, a Go cryptographic secret store; and skrun, which deploys agent skills defined in SKILL.md files as callable REST APIs.

What if you could ask your cloud bill anything?

Why is my spend 5% higher this month?” Noros is the AI agent that answers in seconds. Ask about anomalies, overprovisioned instances, cost spikes, and more across AWS, GCP, and Azure. DevOps Bulletin readers get a free month at launch.

Join the waitlist.

Newsworthy stories

• Open source security at Astral

• Live migrating hundreds of Kubernetes clusters to Cluster API

• OpenAI Codex command injection vulnerability exposes GitHub tokens

• Claude Code source leaked via npm source maps: lessons for every DevOps team

• Trunk-based development: why most teams think they use it (but don’t)

• How we built a real-world evaluation platform for autonomous SRE agents at scale

Tutorials of the week

• Enforcing AI governance across AWS organizations

• Launching S3 Files, making S3 buckets accessible as file systems

• Don’t let AI touch your production database

• I replaced Portainer, Grafana, and Prometheus with this stack

• Leveling up secure code reviews with Claude Code

• The Git commands I run before reading any code

• I let Claude review my PRs: what it caught and missed

• A practical guide for migrating to Kubernetes Gateway API

• A complete Terraform setup for EKS Auto Mode: is it right for you?

• Scalable network probing and HTTP/3 readiness with Prometheus

• Deploying Go apps to Google Cloud Run

Videos of the week

Projects of the week

• keeper is a Go cryptographic secret store that encrypts payloads at rest.

• npm-security-best-practices is a list of security best practices across supply chain attack mitigation, dependency resolution, and vulnerability scanning.

• PentAGI is a fully autonomous AI agent system for penetration testing, packing 20+ built-in security tools.

• tui-use is a tool that lets AI agents control interactive terminal programs (REPLs, debuggers, TUI apps) that normally require a human at the keyboard.

• DriftHound is an app that receives Terraform drift reports via API and provides a centralized dashboard for tracking infrastructure drift across projects.

• Gardener is a Go platform for managing homogeneous Kubernetes clusters at scale across any infrastructure using hosted control planes.

• skrun is a framework that deploys agent skills defined in SKILL.md files as callable REST APIs.

Meme of the week

Welcome to this week’s edition of the DevOps Bulletin.

The Axios npm library was compromised through a targeted attack on the maintainer’s computer, exposing how vulnerable open-source projects can be…

Read more

Welcome to this week’s edition of the DevOps Bulletin.

Malware hit PyPI through a poisoned LiteLLM package last week, and the full minute-by-minute response took just 72 minutes from discovery to publ…

Read more

From S3 bucketsquatting finally being dead after a decade of exploitation, to Reddit migrating petabyte-scale Kafka from EC2 to Kubernetes with z…

Read more

An autonomous bot spent 7 days exploiting GitHub Actions across Microsoft, DataDog, Aqua Security, and CNCF projects — exfiltrating tokens with w…

Read more

Welcome to this week’s edition of the DevOps Bulletin.

From Iranian drone strikes taking down AWS data centers in the UAE and Bahrain, to Truffle Security finding 2,863 live Google API keys on the pub…

Read more

Welcome to this week’s edition of the DevOps Bulletin.

Big news this week includes an exclusive offer for DevOps Bulletin subscribers: up to $100k in free credits for building or scaling your stack on…

Read more

Welcome to this week’s edition of the DevOps Bulletin.

In this week’s news, we unpack the hidden friction inside FOCUS 1.2 and what happens when a clean FinOps specification collides with messy real b…

Read more

In this week’s news, we look at what Heroku’s “sustaining engineering” announcement really means for teams still running production workloads the…

Read more

In this week’s news, we look at why GitHub Actions is becoming a serious productivity bottleneck for many teams, what it actually takes to own a …

Read more

Welcome to this week’s edition of the DevOps Bulletin.

We open with a growing problem security teams are quietly struggling with. AI tools are moving sensitive data across SaaS and internal systems in…

Read more