Weekly news | 2025-04-09

news

• NVIDIA Finally Adds Native Python Support to CUDA
• Google announces Sec-Gemini v1, a new experimental cybersecurity model
• Hackers strike Australia's largest pension funds in coordinated attacks
• The Llama 4 herd: The beginning of a new era of natively multimodal AI innovation
• OpenVertebrate Presents a Massive Database of 13,000 3D Scans of Vertebrate Specimens
• Open Source Coalition announces 'Model-Signing' to strengthen ML supply chain
• Git turns 20
• Tailscale has raised $160 million USD
• Meta got caught gaming AI benchmarks
• Wing Cloud shuts down after raising $20 million to reinvent cloud development
• Fast Flux: A National Security Threat (Malware goes p2p)
• GitHub Copilot Adds Agent and MCP Support

• AWS:
  • API Gateway support for dual-stack (IPv4 and IPv6) endpoints
  • App Studio prebuilt solutions catalog and cross-instance Import and Export
  • Backup support for Redshift Serverless
  • Billing & Cost Management MFA is required for new card registration in Japan
  • CDK
    • CDK L2 Construct for Cognito Identity Pools | GA
    • Construct Library for EventBridge Scheduler | GA
  • Clean Rooms Spark SQL aggregation and list analysis rules
  • CloudFront VPC Origin modification with CloudFront Functions
  • CloudWatch Application Signals Monitor service dependencies with SLOs
  • CloudWatch Logs maximum log event size to 1 MB
  • Connect
    • additional Dual-Tone Multi-Frequency (DTMF) configuration
    • agent’s adherence work schedules in a calendar view
    • supervisors to take additional actions on in-progress chats
  • Connect Contact Lens
    • conversational analytics in 34 new languages
    • enable or disable sentiment analysis
  • EKS
    • Bottlerocket FIPS AMIs in Managed Node Groups
    • new catalog of community add-ons
  • Elastic Beanstalk get secrets and configs from Secrets/Systems Manager
  • Elemental MediaLive Anywhere SMPTE 2110 inputs
  • Elemental MediaTailor new pricing model with lower VOD ad insertion costs
  • End User Messaging phone number registration +18 new countries
  • IAM Identity Center sessions and TIP management for MS AD
  • IoT Device SDK for Swift | Developer Preview
  • Marketplace
    • Japan Marketplace Facilitator Rule
    • VAT and supports Korean Won
  • Neptune 99.99% availability Service Level Agreement
  • OpenSearch Ingestion pipelines enhanced autoscaling
  • OpenSearch Service Q Developer | GA
  • Outposts Asset level capacity management
  • Payment Cryptography exchanging cryptographic keys using ECDH
  • Q Business Browser Extension
  • QuickSight
    • dashboard versioning and publish any analysis to any dashboard
    • now supports Highlighting
    • embedded Q
    • scheduling and alerts in embedded dashboards
  • RAM IPv6 support
  • RDS for PostgreSQL
    • configurable cipher suites
    • Extended Support for 11.22-rds.20250220, 12.22-rds.20250220
  • RDS Proxy TLS 1.3 support for PostgreSQL on Aurora and RDS
  • Resource Explorer +32 resource types
  • SageMaker +9 visual ETL transforms
  • Security Lake
    • achieves FedRamp High and Moderate authorization
    • IPv6 support
  • SES attachments in sending APIs
  • SES Mail Manager incoming connections from VPCs via PrivateLink
  • SNS IPv6 support
  • Step Functions SDK integrations with Backup Search , +137 additional APIs
  • VPC Route Server | GA
  • For a full list of AWS announcements, be sure to keep an eye on AWS’s What’s New Feed page.

tooling

• curl-impersonate: A special build of curl that can impersonate Chrome & Firefox
• AnimeJS: JavaScript animation engine
• headscale: An open source, self-hosted implementation of the Tailscale control server
• MIT 6.5950 Secure Hardware Design: An open-source course on hardware attacks
• GitMCP: Instantly create a Remote MCP server for any GitHub project
• InitWare: a portable systemd fork running on BSDs and Linux
• OpenNutition: A free, public nutrition database
• zxc: Terminal based intercepting proxy written in rust with tmux and vim as user interface
• hatchet: A task orchestration platform built on Postgres
• uWrap: A 10x faster and more accurate text wrapping util in < 2KB (min)
• coolify: Open-source and self-hostable Heroku / Netlify / Vercel alternative
• Versatile-OCR-Program: Multi-modal OCR pipeline optimized for ML training (text, figure, math, tables, diagrams)
• pytest.nvim
• ferron: A fast, memory-safe web server written in Rust
• Standard Ebooks: liberated ebooks, carefully produced for the true book lover
• mem-isolate: a Rust crate for running unsafe code safely
• Glamorous Toolkit | GitHub
• BrowserMCP: Connect AI apps to your browser to automate tests and tasks
• Lux: a luxurious package manager for Lua
• MonkeysPaw: a prompt-driven web framework in Ruby
• weather-mcp-server: enables AI assistants like Claude to retrieve and interpret real-time weather data
• coroot: eBPF-based, open source observability with actionable insights
• badgeify: Add Any App to Your Mac Menu Bar
• CINC - CINC is not Chef: A Free-as-in-Beer distribution of the open source software of Chef Software Inc.
• tfbuddy: Apply-before-Merge workflow for Terraform Cloud
• drawDB: open-source online database diagram editor
• linux-kernel-defence-map: shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies

• dockerfmt: Dockerfile formatter

• Fun:

  • Annotated Unix Magic Poster

blogs

• PostgreSQL Full-Text Search: Fast When Done Right (Debunking the Slow Myth)
• The chroot Technique - a Swiss army multitool for Linux systems
• Anthropic Education Report: How University Students Use Claude
• How Netflix Accurately Attributes eBPF Flow Logs
• TIL: Any program can be a GitHub Actions shell
• 20 years of Git
• No elephants: Breakthroughs in image generation: When Language Models Learn to See and Create
• Use the Gemini API with OpenAI fallback in Typescript
• Apple’s Darwin OS and XNU Kernel Deep Dive
• The order of files in /etc/ssh/sshd_config.d/ matters (and may surprise you)
• The “S” in MCP Stands for Security
• rsync replaced with openrsync on macOS Sequoia
• The Slow Collapse of Critical Thinking in OSINT due to AI
• How Airbnb Measures Listing Lifetime Value
• What is Local-first Web Development?
• Senior Developer Skills in the AI Age: Leveraging Experience for Better Results
• Is Python Code Sensitive to CPU Caching?
• Pitfalls of Safe Rust
• Journey to Optimize Cloudflare D1 Database Queries
• IngressNightmare: 9.8 Critical unauthenticated remote code execution vulnerabilities in Ingress NGINX
• How to debug a Node.js microservice
• Enforce Kubernetes policies to standardize test workflows
• Metrics at a glance for production clusters
• Dashboards are dead!

• Hardening Kubernetes security with DevSecOps practices

• CNCF On demand webinar:

  • Gateway API 101 with Linkerd
  • Serverless WebAssembly functions – polyglot programming made easy with Spin
  • Crypto agility, hybrid certificates and PQC migration strategies
  • External load balancing and multi-cluster routing for Kubernetes
  • The case for open source: How k0rdent empowers enterprise agility
  • Cloud migration without misery