Digest #208: Axios Supply Chain Attack, Agentic Incident Response, LLMs on Kubernetes and VSCode Malwares
A critical axios npm compromise affected millions of downloads, while teams began automating incident response with AI agents.
Welcome to this week’s edition of the DevOps Bulletin.
The Axios npm library was compromised through a targeted attack on the maintainer’s computer, exposing how vulnerable open-source projects can be. At the same time, developers are switching from traditional SSH keys to certificates for better security, and attackers are using fake VS Code alerts on GitHub to trick developers into clicking malicious links.
On the practical side, teams are using AI agents to automatically respond to incidents, securing LLMs running on Kubernetes against injection attacks and model tampering, and learning how to use AWS KMS to mitigate ransomware attacks. There are also guides on running Terraform generation locally with open source tools, using Atlantis and GitHub Actions together for infrastructure changes, and securing Kubernetes clusters for payment compliance.
This week’s open source picks include SQLite with built-in JSON and search features; rpg, a Postgres client with AI built in; zerobox, a tool to safely run untrusted code; and argo-rollouts for smoother Kubernetes deployments. Plus coasts for running isolated development environments, databend for analytics and AI, and nushell for a better shell.
All this and more in this week’s DevOps Bulletin, don’t miss out!
Newsworthy stories
Tutorials of the week
Videos of the week
Projects of the week
rpg is a PostgreSQL terminal client written in Rust that brings AI diagnostics and schema-aware completion to psql, with 15+ DBA tools built in.
zerobox is a cross-platform process sandbox in Rust that restricts file, network, and credential access for safely running AI-generated code.
argo-rollouts is a Kubernetes controller enabling blue-green, canary, and progressive delivery strategies with automated metric-driven promotion.
agents-anywhere syncs AI agent configs, skills, and instructions across 10+ tools (Claude Code, Cursor, Windsurf, Gemini) from a single git repo.
coasts runs isolated development environments in containerized worktrees on a single machine with a local observability UI, integrating with existing Docker Compose setups.
nushell is a shell written in Rust that treats data as structured objects instead of text streams, enabling more powerful pipelines and type-aware operations.