Digest #221: LLMjacking goes offensive, scaling to 1 million Lambda functions, databases off Kubernetes and Ingress NGINX to Gateway API
Plus: attackers weaponizing stolen AI compute, pgvector at scale on Aurora, Claude Code for IaC, and how to corrupt a SQLite file on purpose.
This week, someone makes the case for keeping your databases off Kubernetes, AWS shares what breaks when you scale to 1 million Lambda functions, and LLMjacking takes an ugly turn: attackers are wiring stolen AI compute into autonomous pentesting agents. Also inside: a production migration off Ingress NGINX, pgvector running at scale on Aurora, and a field guide to corrupting SQLite on purpose.
Newsworthy stories
How we migrated a production cluster from Ingress NGINX to Gateway API
Attackers are using stolen AI compute to build offensive agentic tools
Projects of the week
terraform-review-agent reviews Terraform PRs with parallel security, cost, and style agents and posts one severity-ranked comment.
datadog-saist is an AI-native SAST tool in Go that uses LLMs to catch vulnerabilities in Java, Python, and Go.
ZeroFS serves S3 buckets as POSIX filesystems over NFS, 9P, and NBD, with built-in compression and encryption.
pgsync syncs Postgres, MySQL, or MariaDB to Elasticsearch or OpenSearch in real time from a JSON document schema.
ballast is a Kubernetes operator that right-sizes pod CPU and memory requests from real usage with in-place resize.
tidb is a distributed, MySQL-compatible SQL database with HTAP and native vector search.
herdr is a Rust terminal multiplexer for running multiple coding agents in parallel workspaces.
Do you run your databases on Kubernetes? I go back and forth on it. Hit reply and tell me where you landed - I’ll feature the best answers next week.




