Digest #186: Inside the AWS Outage, Docker Compose in Production, F1 Hacks and 86,000 npm Packages Attacks
A massive npm supply chain attack and a global F1 data breach. Discover how Netflix’s Tudum serves 20M users with CQRS, why AWS deprecated 20+ services, and explore hands-on DevOps guides.
Welcome to this week’s edition of the DevOps Bulletin!
A recent 14-hour AWS us-east-1 outage took down 140 services after a DNS race condition in DynamoDB spiraled out of control. Palo Alto’s Unit 42 uncovered a cloud-based gift card fraud campaign, and researchers exploited bugs in the FIA portal to access F1 driver data. Meanwhile, npm faced another supply-chain attack, with malicious packages downloaded more than 86,000 times.
Cloudflare detailed how it’s escaping the Linux networking stack, AWS quietly deprecated two dozen services, and Netflix revealed how Tudum supports 20M+ users using CQRS.
On the hands-on side: Docker Compose in production, ArgoCD for multi-cluster deployments, detecting bad images in S3 with Rekognition, and TDD with Terraform. Plus, why for some workloads, Postgres can beat Kafka.
Tools of the week: WhoDB (chat-based DB explorer), LME (CISA’s free SIEM), Grype (vulnerability scanner), Kanchi (Celery monitor), Bruin (data pipeline), and Nyno (multi-language workflow engine).
All this and more in this week’s DevOps Bulletin, don’t miss out!
Newsworthy stories
NPM flooded with malicious packages downloaded more than 86,000 times
Hacking Formula 1: Accessing Max Verstappen’s passport and PII through FIA bugs
📘 FinOps Tip of the Week
Ever feel like your cloud bill keeps growing, but you’re not sure where the money’s going? Start with an asset inventory.
Listing all your resources — EC2 instances, S3 buckets, Lambdas, and more — often reveals idle or forgotten assets quietly adding to your bill. You can script it yourself with the AWS CLI or use tools like AWS Config or CloudQuery for a more automated setup.
If you want more hands-on tips like this, check out my latest book, “Practical FinOps”.
Projects of the week
WhoDB is a lightweight next-gen data explorer for Postgres, MySQL, SQLite, MongoDB, Redis, MariaDB, Elasticsearch, and ClickHouse, with a chat interface.
LME is a no-cost, open-source platform that centralizes log collection, enhances threat detection, and enables real-time alerting.
Grype is a vulnerability scanner for container images and filesystems.
Kanchi is a real-time Celery task monitoring (and management) system with an enjoyable user interface.
Bruin is a data pipeline tool that brings together data ingestion, data transformation with SQL & Python, and data quality into a single framework.
Nyno is an open-source multi-language workflow engine that lets you build, extend, and connect automation in the languages you already know.