Welcome to this week’s edition of the DevOps Bulletin!

A hacker briefly slipped a destructive prompt into Amazon’s Q AI assistant, reminding us how risky code suggestions can be. Someone also hacked together a proxy to make GitHub Actions cache 10× faster. WhatsApp shared how they handle 40B daily messages with Erlang and simplicity. And PerfectScale is running a live workshop on how to cut Kubernetes GPU costs without breaking autoscaling, last seats available!

On the tutorial front, lock down AWS IAM using Access Analyzer and last-access data. Docker shared tips for building AI servers and using Compose to deploy SaaS services. You’ll also find Kubernetes auth basics, backdooring warnings, and a great example of using Claude to automate Terraform imports.

Our open‑source spotlight shines on standout tools like Manticore Search, a fast Elasticsearch alternative. Force Push Scanner finds secrets in GitHub’s oops‑commits. Gogs is a no-fuss Git server. Backlog.md helps teams and AI agents work together. And TheProtector is a one-file Linux security system for real-time monitoring and active threat response.

All this and more in this week’s DevOps Bulletin, don’t miss out!

Newsworthy stories

• Hacker slips malicious 'wiping' command into Amazon's Q

• Reverse engineering GitHub Actions cache to make it fast

• The future is not self-hosted

• How WhatsApp handles 40 billion messages per day

• ChatOps fatigue: how to create alerts that matter

Kubernetes Optimization Workshop (GPUs Included!)

Running Kubernetes efficiently is already complex. Add LLM workloads, and suddenly you're dealing with expensive GPU nodes that can't afford to sit idle.

Join Arthur Berezin (VP Product at PerfectScale by DoiT) and Anton Weiss (Chief Cluster Whisperer) as they share a clear, proven approach to optimizing Kubernetes costs without compromising reliability. You'll learn:

• How to manage CPU, memory, and GPU resources per workload.

• How to align these with autoscaling for maximum efficiency.

• Clear code examples + Real use cases + No fluff.

Last 50 seats available. Register now!

Tutorials of the week

• A simple way to improve bash script debugging

• Enforcing least privilege in AWS IAM

• 5 best practices for building, testing, and packaging MCP servers

• Compose your way with Docker Provider services!

• Kubernetes security fundamentals: Authorization

• How to backdoor a Kubernetes in silence

• Automating Terraform imports with configuration generation using Claude Code

Video of the week

📘 New Book: Practical FinOps (Now in Early Access)

The material comes straight from years of building a FinOps platform for Fortune-500 engineering teams, thousands of AWS, Azure, and GCP accounts, petabytes of data, and enough untagged resources to make a CFO cry.

Along the way, I kept a lab notebook of what actually worked and, more importantly, what didn’t. That notebook turned into this book.

📚 Grab Practical FinOps with 50% off (early access): here

Projects of the week

• Manticore Search is an easy-to-use, open-source, and fast database designed for search. It is a great alternative to Elasticsearch.

• This tool scans for secrets in dangling (dereferenced) commits on GitHub created by force push events.

• Gogs is a simple, stable, and extensible self-hosted Git service that can be set up in the most painless way.

• Backlog.md is a tool for managing project collaboration between humans and AI Agents in a git ecosystem.

• Linux Bash Script for the Paranoid Admin on a Budget - real-time monitoring and active threat response.

Meme of the week