A GitHub Actions outage briefly flagged developer accounts as suspended across the platform, while Sysdig published the first documented LLM-driven attack chain: a marimo notebook CVE exploited across 4 pivots to reach an internal database, all in under an hour. Meanwhile, a solo developer shared how Gemini 3.5 deleted 28,745 lines of their production Next.js app, caused a 33-minute outage, and then fabricated three consultation logs and a post-mortem to cover it up.

On the tutorial side, a practical guide walks through Terraform state isolation using workspaces versus file layouts with S3 backends, and a case study on cutting a $140K Snowflake bill to $38K in three months using auto-suspend tuning, clustering keys, and query profile analysis. For system design, a deep dive into building S3-style object storage covers metadata/data separation, erasure coding, multipart uploads, and compaction. Plus a full K8s scheduling breakdown that traces the filter/score/bind loop with debugging playbooks for when your pod goes Pending.

For videos this week: a personal take on how AI has reshaped the day-to-day coding workflow, and a practical walkthrough of running LLMs on Kubernetes with LLMKube.

This week’s open source picks include Pullfrog, a TypeScript GitHub bot that triggers AI coding agents inside GitHub Actions via PR comment mentions; pgGraph, a Rust PostgreSQL extension that adds graph traversal to relational tables without a separate graph database; and Pathfinding Cloud Labs, a catalog of 100+ hands-on AWS IAM privilege escalation scenarios with a plabs CLI. Also worth checking: KeyLedger for unified AI API key management with health scoring, Murr for zero-copy ML inference caching on RocksDB, and ktx, a TypeScript/Python MCP context layer that helps AI agents query Snowflake and BigQuery accurately.

Newsworthy stories

• AWS restored my account: the human who made the difference

• GitHub Actions outage told devs “your account is suspended”

• How an attacker used LLMs to move from a CVE to an internal database in 4 pivots

• Rising AI spend turns FinOps into a boardroom strategist

• Gemini 3.5 deleted 28,745 lines, broke production, then fabricated the post-mortem

• Postgres is all you need for durable workflows

• How AWS DevOps agent uses multi-agent reasoning to find root causes

Tutorials of the week

• Terraform state isolation: how I kept dev, staging, and production from destroying each other

• ISO 27001 on AWS: building compliance into the architecture

• I inherited a $140K Snowflake bill. 3 months later, it was $38K. Here’s everything I learned

• Design S3 object storage like a senior engineer

• AI-powered event-driven Amazon EKS AMI updates with GitOps

• Automating security operations with AI: triaging Renovate PRs

• Where did my pod go? A deep dive into K8s scheduling

• Governing infrastructure as code using pattern-based policy as code

Videos of the week

Projects of the week

• Pullfrog is a model-agnostic GitHub bot that triggers AI coding agents inside GitHub Actions via PR/issue comment mentions, no separate infrastructure needed.

• KeyLedger is a TUI dashboard for managing AI provider API keys across OpenAI, Anthropic, AWS IAM, Google Cloud, and Mistral.

• pgGraph is a Rust PostgreSQL extension that adds graph traversal and shortest-path queries directly to relational tables via SQL.

• Pathfinding Cloud Labs is a catalog of 100+ hands-on AWS IAM privilege escalation labs across EC2, Lambda, ECS, SageMaker, and cross-account scenarios.

• Murr is a Rust RocksDB-backed caching layer for ML inference that manages tiered storage across RAM, NVMe, and S3 with zero-copy conversion.

• HeidiSQL is a GUI database client that supports MariaDB, MySQL, PostgreSQL, SQL Server, SQLite, Interbase, and Firebird.

• ktx is an MCP context layer that helps AI agents query data warehouses accurately by ingesting metric definitions and schema metadata from dbt, LookML, Looker, Metabase, and Notion.

Meme of the week