Weekly news | 2025-03-19
news
- OpenAI asks White House for relief from State AI rules
- ESHYFT - 'Uber for nurses' exposes 86K+ medical records, PII via open S3 bucket
- Ex-Facebook director's new book paints brutal image of Mark Zuckerberg
- Popular
tj-actions/changed-filesaction is compromised - zlib-rs is faster than C
- Alphabet to buy Wiz for $32 billion in its biggest deal to boost cloud security (after turning down 23B last summer)
- Amazon to kill off local Alexa processing, all voice requests shipped to the cloud
- FOSS infrastructure is under attack by AI companies
- SoftBank Group to acquire Ampere Computing
- EU sends Apple first DMA interoperability instructions for apps and connected devices
- Deel allegedly spied on competitor
- Tembo announces dba - your database wingman
- Preview: Amazon S3 Tables and Lakehouse in DuckDB
- Reminder:
- New releases:
- AWS:
- Amplify Hosting deployment skew protection support
- AppSync Events publishing over WebSocket for real-time pub/sub
- Aurora PostgreSQL Redshift zero-ETL multiple integrations
- Backup logically air-gapped vault support for FSx
- Bedrock
- CodeBuild organization and enterprise level GitHub self-hosted runners
- CodeConnections support for new condition key
- CodePipeline
- Config EC2 Allowed AMIs
- Connect global telephony coverage
- Data Firehose real-time streaming data into Amazon S3 Tables
- ECR ECR to ECR pull through cache
- ECS GPU-Optimized AMI for Amazon Linux 2023
- EMR on EKS EKS Pod Identity
- EMR Serverless FedRAMP High authorization
- EventBridge IAM execution role support to all targets
- GameLift Servers Game Server Wrapper for rapid onboarding
- Glue Data Catalog views with AWS Glue 5.0
- Inspector ECR support for minimal container base images and enhanced detections
- Kinesis Data Streams IPv6 support
- Open Source Serverless Land Patterns in VS Code
- RDS for MySQL Extended Support minor 5.7.44-RDS.20250213
- RDS for SQL Server new minor version in February 2025
- Route 53 Traffic Flow new visual editor to improve DNS policy editing
- S3 Access Grants simplify authentication when using both IAM and Identity Provider permissions
- S3 Tables
- SageMaker Inference rolling update for inference component endpoints
- SageMaker Unified Studio Bedrock’s capabilities |
GA - SageMaker Unified Studio |
GA - Service Reference Information resources and condition keys
- Verified Access FedRAMP High and Moderate authorization
- WAF PCI DSS4.0 compliance protection with partner solutions
- Wickr new Admin Console
- For a full list of AWS announcements, be sure to keep an eye on AWS’s What’s New Feed page.
tooling
- Statistical formulas for programmers
- xlskubectl: a spreadsheet to control your Kubernetes cluster
- CodeVideo: an event-sourced IDE
- RubyLLM: a delightful Ruby way to work with AI
- my-yt: a personal YouTube frontend based on yt-dlp
- Briar: Peer to Peer Encrypted Messaging
- Metacheck: preview how any link appears on social media and chat apps
- aiopandas: Async .apply() and .map() for Pandas, Faster API/LLMs Calls
- Cradle: open-source collaborative threat intelligence hub
- nubmq: a high performant key-value store engine written in Go without any dependencies
- Sketch-Programming: a minimalist paradigm for Code Design
- docs: Open source alternative to Notion or Outline
- DiceDB: open-source fast, reactive, in-memory database
- Thymer: IDE for tasks, notes and planning
- FUN - rust-stakeholder: Generate impressive-looking terminal output to look busy when stakeholders walk by
- Comet - Open-source Remote KVM from GL-iNet
- coq-of-rust: formal verification tool for Rust
- BlueMigrate: Migrate tweets to Bluesky while keeping original date
- git-who: Git blame for file trees
- visuAlgo: visualising data structures and algorithms through animation
- KonvaJS: Declarative 2D Canvas for React, Vue, and Svelte
- Modernbanc: Modern and fast accounting software
- adminer: Database management in a single PHP file
- stelvio: Serverless AWS for Python Devs
- PackagePhobia: Find the cost of adding a new dev dependency to your project
- octo-sts: a GitHub App that acts as a "Security Token Service" (aka STS) for the GitHub API
- terraform-provider-deepmerge: "deep merge" utility provider for OpenTofu
- pulumi-terraform-module: EXPERIMENTAL support for running Terraform Modules directly in Pulumi
- terraform-cicd-image: GitHub cache solution
- magic-cache: Magic Cache for GitHub Actions
blogs
- Memory safety for web fonts
- Career advice in 2025
- The Lost Art of Logarithms
- Practical UX for startups surviving without a designer
- IO devices and latency
- Decrypting encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs
- AMD's Strix Halo - Under the Hood
- In S3 simplicity is table stakes
- You can make Postgres scale
- Sign in as anyone: Bypassing SAML SSO authentication with parser differentials: Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) write-up
- Switching to BunnyCDN in less than 2 hours
- From QED to Neovim
- Going down the rabbit hole of Git's new bundle-uri
- Extracting content from an LCP "protected" ePub
- Block YouTube ads on AppleTV by decrypting and stripping ads from Profobuf
- Building AI agents to query your databases
- Blindspots in LLMs
- The Pain That Is Github Actions
- SRE: Teaching a new way to prevent outages at Google
- 2FA or not 2FA
- Benefits and challenges of infrastructure from code
- Java on containers: A guide to efficient deployment
- Falcoctl: Artifact Management for Falco
- Securing Kubernetes Resources Without a VPN
- Scaling Prometheus: From Single Node to Enterprise-Grade Observability
- No Observability Tool is the “Best”
-
CNCF On demand webinar: