Inspektor Gadget: Results from the first security audit DevOps 7.0
CNCF Blog

Inspektor Gadget, an eBPF-based Kubernetes observability toolkit, completed its first independent security audit coordinated by OSTIF and conducted by Shielder. All reported vulnerabilities have patches available. The toolkit uses eBPF gadgets packaged as OCI images to inspect cluster and Linux host data without rebuilding containers or injecting sidecars.

#eBPF #Kubernetes #observability #security audit

How to build self-driving AI operations on Amazon Bedrock at scale AI 6.0
AWS ML Blog

AWS describes an operational monitoring framework for Bedrock workloads that tracks usage patterns, automates support case triage, prevents duplicate cases, and alerts SRE teams to quota constraints before they hit limits. The approach reduces manual overhead for teams scaling generative AI across multiple foundation models.

#Bedrock #MLOps #observability #agents

How to get operational data off the factory floor without creating an IT breach Engineering 5.0
The New Stack

Integrating OT (operational technology) data into IT systems for AI requires secure, auditable data pipelines that replace legacy FTP/SFTP solutions. The article discusses managed solutions offering encryption, continuous transfer monitoring, and full audit trails for protocols like Modbus and OPC UA, addressing the challenge of extracting data from systems designed for uptime rather than connectivity.

#OT/IT integration #data pipeline #encryption #edge computing

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android Security 8.0
The Hacker News

A vulnerability in Google Gemini's voice assistant on Android allowed poisoned notifications from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger to hijack the assistant without requiring a malicious app. The attack could open windows, forge messages, initiate calls, or corrupt the assistant's long-term memory.

#CVE #Android #voice assistant #notification hijacking

Why CPUs still matter in the age of AI agents AI 7.0
The New Stack

As AI shifts from chatbots to autonomous agents, CPU workloads become critical. Agents orchestrate tool calls, manage memory, and execute code - tasks CPUs excel at - while LLMs run on accelerators. Google and Arm leaders explain how CPUs act as the orchestration layer, making them increasingly important for agent infrastructure despite GPU focus.

#agents #CPU #orchestration #inference

Enforcing the First AS in BGP AS_PATHs Security 7.0
Cloudflare Blog

Cloudflare documents recent BGP route hijacks where attackers forge AS_PATHs using unused ASNs to misdirect traffic and conceal identity. The article stress-tests major networks and advocates for simple verification that BGP peers include their own AS as the 'First AS' in advertised routes to prevent prefix hijacking.

#BGP #route hijacking #network security #ASN

What's new in serverless Managed Service for Apache Spark Cloud 7.0
Google Cloud Blog

Google Cloud's Managed Service for Apache Spark runtime 3.0 now offers zero-setup onboarding by automating IAM roles, VPC networking, and firewall configuration. The service supports feature engineering, GPU-accelerated model training, semantic search, RAG, and AI agent building with simplified deployment.

#Spark #serverless #data-engineering #AI-infrastructure

Improve your agent's tool-calling accuracy with SFT and DPO on Amazon SageMaker AI AI 8.0
AWS ML Blog

AWS demonstrates using Supervised Fine-Tuning (SFT) and Direct Preference Optimization (DPO) together on SageMaker to improve tool-calling accuracy in small language models. The post includes evaluation methodology and model comparison workflows, helping teams move agentic applications from pilot to production with reliable tool selection.

#agents #tool-use #fine-tuning #SFT

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore Security 6.0
The Hacker News

HD Moore (Metasploit creator) argues that patching zero-days in time is no longer viable, especially as AI accelerates exploit development. Instead, teams should focus on network segmentation and limiting what a compromised system can reach, treating breach assumption as the foundation of defense strategy.

#zero-day #network segmentation #breach assumption #defense strategy

Inside Google's System for Coordinated A/B Testing Across Its Global Service Fleet DevOps 7.0
InfoQ DevOps

Google describes a fleet-wide A/B experimentation system that standardizes experiment assignment, exposure logging, and configuration propagation across distributed services. The system reduces experiment conflicts and improves reliability of data-driven decisions at scale across multiple products.

#A/B testing #experimentation #distributed systems #observability

Introducing new capabilities to GPT-Rosalind AI 5.0
OpenAI Blog

OpenAI announces GPT-Rosalind, a specialized model for life sciences research with enhanced capabilities in biological reasoning, medicinal chemistry, genomics analysis, and experimental workflow automation.

#foundation-models #life-sciences #genomics #chemistry

How Wasmer used Codex to build a Node.js runtime for the edge AI 6.0
OpenAI Blog

Wasmer leveraged OpenAI Codex (now GPT-5.5) to accelerate development of a Node.js runtime for edge environments, achieving 10x-20x speedup and shipping in weeks instead of months. The case study demonstrates code generation's impact on infrastructure tooling development.

#code-generation #Codex #edge-computing #Node.js

Article: Two Misconfigurations That Caused Spark OOM Failures on Kubernetes DevOps 8.0
InfoQ DevOps

A post-mortem on Spark pipeline failures on Azure Kubernetes Service reveals two settings that interacted destructively: spark.kubernetes.local.dirs.tmpfs=true forced shuffle spill to RAM instead of disk, and a hard podAffinity rule concentrated all executors on one node. The combination caused repeated OOM kills that standard diagnostics missed.

#Spark #Kubernetes #memory management #configuration

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content Security 5.0
The Hacker News

Weedhack is a malware-as-a-service campaign targeting Minecraft players via YouTube, impersonating Minecraft clients and mods to gain system control. Active since January 2026, the campaign has infected thousands of users; related threats include CountLoader (86K infections) and miners distributed through pirated content.

#malware #MaaS #Minecraft #credential-theft

The New Security Risks of the Agentic Development Lifecycle AI 6.0
Snyk Blog

Snyk examines how AI agents change the software development lifecycle and introduce new security risks. The article emphasizes that securing the agent-driven process itself is as critical as securing the code output, addressing emerging threat vectors in agentic workflows.

#agents #security #development lifecycle #risk management

Rayfin: Microsoft's answer to the gap between vibe coding and enterprise production AI 7.0
The New Stack

Microsoft announced Rayfin, an open-source SDK and CLI that lets developers and agents define application backends in code and deploy to Microsoft Fabric with built-in security and compliance. Replit is the exclusive launch partner, enabling Replit Agent to generate backend code that deploys directly to Fabric without manual infrastructure configuration.

#agents #infrastructure-as-code #Fabric #backend deployment

"A successful attack could be catastrophic": Anthropic gives more groups access to Claude Mythos AI 7.0
The New Stack

Anthropic expanded Project Glasswing, a secure access program for Claude Mythos (models more powerful than Opus), to more organizations. Anthropic warned that AI models now match elite human hackers at finding software vulnerabilities, and a breach affecting Glasswing partners could impact over 100 million people.

#Claude Mythos #security #vulnerability detection #AI capabilities

How GitHub plans to win developers back DevOps 6.0
The New Stack

GitHub COO Kyle Daigle acknowledged hundreds of incidents over 12 months caused by agentic coding growth exceeding 100% year-over-year. GitHub is scaling infrastructure to handle 30-40x growth over the next year, requiring architectural changes beyond typical cloud scaling.

#GitHub #infrastructure scaling #agentic coding #reliability

Microsoft debuts "Scout" at Build, a new personal agent for work AI 7.0
The New Stack

Microsoft Scout is a new personal agent for work built on OpenClaw and WorkIQ that integrates with Teams, Outlook, and other Microsoft 365 tools to proactively handle routine tasks like resolving scheduling conflicts and meeting prep without explicit user requests. Currently available to Frontier customers with broader rollout planned.

#agents #autonomous #Microsoft 365 #tool-use

The art and science of hyperparameter optimization on Amazon Nova Forge AI 7.0
AWS ML Blog

AWS details hyperparameter tuning strategies for fine-tuning Amazon Nova Forge models on proprietary data. The post covers learning rate, data mixing ratios, and checkpoint selection to balance domain specialization with retention of general reasoning capabilities, addressing catastrophic forgetting in domain-specific customization.

#fine-tuning #hyperparameter tuning #LLM #domain adaptation

Object detection with Amazon Nova 2 Lite AI 6.0
AWS ML Blog

Tutorial on using Amazon Nova 2 Lite for zero-shot object detection via natural language prompts, returning bounding box coordinates in JSON. Covers deployment using Bedrock, Lambda, and API Gateway with examples in manufacturing, agriculture, and logistics.

#multimodal #object detection #vision #zero-shot

GitHub Copilot app: The agent-native desktop experience AI 8.0
GitHub Blog

GitHub released a desktop Copilot app designed to manage agentic workflows, addressing context fragmentation and code review visibility. The app consolidates agent output, PR tracking, and validation trails in a single interface, with GitHub reporting 1.4 billion commits per month and 2 billion Actions minutes weekly.

#agents #GitHub Copilot #agentic workflows #developer tools

Connecting AI agents with unstructured data using Google Cloud Storage MCP Servers AI 8.0
Google Cloud Blog

Google announced a Model Context Protocol (MCP) server for Google Cloud Storage (GCS) that enables AI agents to securely access unstructured data at scale. The integration treats GCS as an agent-ready data layer, combining MCP with GCS smart storage features like auto-annotations and object contexts. Real-world examples include Palo Alto Networks' Strata Co-Pilot agent powered by Gemini Live API.

#agents #MCP #GCS #tool-use

How to Secure AI Agents: A Practical Overview for Development Teams AI 8.0
Docker Blog

Docker outlines four security domains for production AI agents: execution isolation, tool access control, identity and credential management, and runtime monitoring. The article emphasizes that traditional static API security controls are insufficient for autonomous agents that dynamically choose tools and chain actions, requiring infrastructure-level controls instead of permission prompts.

#agents #security #tool-use #runtime monitoring

Announcing Spanner Graph algorithms: Google-grade intelligence for connected data Cloud 7.0
Google Cloud Blog

Google Cloud announced graph algorithms for Spanner Graph in preview, bringing graph mining capabilities natively to the database. Algorithms like node centrality and community detection run directly via ISO Graph Query Language (GQL) without requiring external ETL pipelines. The feature targets fraud detection, entity resolution, and social network analysis at scale.

#graph algorithms #Spanner #GQL #database

Accelerating data lakes: Optimizing Apache Iceberg and Spark with gcs-analytics-core Cloud 7.0
Google Cloud Blog

Google released gcs-analytics-core, an open-source Java library that centralizes performance optimizations for analytics workloads on Google Cloud Storage. The library integrates with Apache Iceberg (v1.11.0+) and Apache Spark, replacing sequential reads with parallelized strategies for columnar formats like Parquet. It sits between analytics engines and the GCS Java SDK to inject optimizations without framework-specific tuning.

#Iceberg #Spark #GCS #data lake

Presentation: The Human Toll of Incidents & Ways To Mitigate It DevOps 6.0
InfoQ DevOps

Kyle Lexmond presents strategies for managing high-pressure production incidents, distinguishing between rapid mitigation and root-cause resolution. The talk covers cognitive overload management, blameless culture practices, and system optimization for faster recovery during severe outages.

#incident-response #operational-resilience #team-dynamics

AI-Driven Exploitation is Destroying Vulnerability Management. Here's How to Handle It. Security 7.0
The Hacker News

The article argues that AI-accelerated vulnerability discovery and weaponization are compressing the exploit timeline from days to hours, making traditional vulnerability management processes obsolete. Organizations must shift from reactive patching to continuous monitoring and rapid response strategies. The piece discusses how AI tools are automating the full attack chain from disclosure to mass exploitation.

#AI #vulnerability management #threat intelligence #automation

Cloud native is now AI-native: Engineering production-ready AI AI 7.0
CNCF Blog

CNCF roundtable at KubeCon Europe outlined three core components for production-ready AI: vendor-neutral infrastructure aligned with the Kubernetes AI Conformance program, integrated security for autonomous agents, and active community contribution. Platform maturity, security by design, and agentic governance are now essential for enterprise AI workloads.

#Kubernetes #agents #security #platform maturity

How Leading Organizations Are Turning EDR Into Operational Resilience Security 6.0
The Hacker News

The article discusses how organizations are evolving endpoint detection and response (EDR) from a point security tool into a broader operational resilience strategy. Modern attacks bypass traditional prevention, requiring continuous visibility and faster response. EDR adoption has accelerated as teams recognize that endpoint protection alone is insufficient.

#EDR #endpoint security #detection #operational resilience

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT Security 5.0
The Hacker News

SideCopy, a Pakistan-aligned threat actor, conducted a spear-phishing campaign against Afghanistan's Ministry of Finance using Xeno RAT, an open-source remote access trojan. The attack chain began with a ZIP archive containing a malicious LNK file with a Pashto-language filename designed to evade detection. The campaign demonstrates targeted nation-state activity in the region.

#spear-phishing #RAT #nation-state #SideCopy

Experimenting with TPUs, GKE Managed DRANET, and Multi-cluster Inference Gateway Cloud 7.0
Google Cloud Blog

Google Cloud demonstrates multi-region AI inference resilience using GKE's managed Dynamic Resource Allocation (DRANET) for TPU scheduling, multi-cluster inference gateway for cross-region failover, and Cloud Storage FUSE for model storage. The setup balances inference workloads across multiple GKE clusters in different regions, with TPUs managed through DRANET to handle regional failures without service interruption.

#Kubernetes #TPU #inference #multi-cluster

Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded Security 6.0
The Hacker News

Password manager Dashlane disclosed a brute-force attack on May 31, 2026, where an attacker targeted user accounts to bypass two-factor authentication (2FA) and download encrypted vaults. Fewer than 20 personal subscription users were affected. The incident highlights the ongoing risk of credential-based attacks against authentication systems.

#brute-force #2FA bypass #password manager #credential attack

Reference your own AWS Secrets Manager secrets in Amazon Bedrock AgentCore Identity AI 7.0
AWS ML Blog

Amazon Bedrock AgentCore Identity now supports referencing pre-configured AWS Secrets Manager secrets instead of auto-generating them, allowing teams to apply custom tags, rotation policies, and customer-managed KMS encryption. This enables agents to securely access external APIs and tools while maintaining organizational secrets governance.

#agents #security #credential-management #AWS Secrets Manager

Transforming rare cancer research with Amazon Quick: Integrating biomedical databases for breakthrough discoveries AI 6.0
AWS ML Blog

Amazon Quick Research is an agentic workflow that ingests structured and unstructured biomedical data from multiple sources like PubMed, applies LLM-driven synthesis to generate cited research reports, and eliminates weeks of manual ETL and schema reconciliation. The post walks through integrating genomic, clinical, and literature data for pediatric sarcoma research.

#agents #LLM #data-integration #research-automation

OpenAI, Anthropic, Google, Amazon, and xAI all fail on type of attack, study finds AI 8.0
The New Stack

Cisco research across 15 frontier models reveals that single-turn safety benchmarks are poor predictors of multi-turn resilience. All tested models failed multi-turn attacks at rates ranging from 7.89% to 88.30%, with some models like Gemini 3 Pro jumping from 18.10% single-turn success to 73.35% under iterative attack. The difference exposes a critical gap in how enterprises evaluate AI safety.

#evals #safety #adversarial #multi-turn

JetBrains open-sources Mellum2 to go where Claude Code can't AI 7.0
The New Stack

JetBrains open-sourced Mellum2, a 12B-parameter coding model designed for infrastructure-layer agentic AI tasks like routing, retrieval pipelines, and sub-agent coordination. Unlike its 4B predecessor Mellum, Mellum2 is open from day one and targets the broader ecosystem of multi-model orchestration rather than single-task code completion.

#LLM #agents #code generation #open-source

Extending MCP support for Amazon Bedrock AgentCore Gateway AI 7.0
AWS ML Blog

Amazon Bedrock AgentCore Gateway now supports extended MCP capabilities including dynamic tool schema discovery, MCP prompts and resources as first-class primitives, streaming for stateful interactions, and OAuth 2.0 token exchange. This centralizes credential management, observability, and secure connectivity for enterprise MCP deployments.

#agents #MCP #tool-use #AgentCore

From Kubernetes Dashboard to Headlamp: Understanding the Transition DevOps 6.0
Kubernetes Blog

Kubernetes Dashboard is archived; Headlamp is its successor, offering multi-cluster visibility, application-centric views, plugin extensibility, and both in-cluster and desktop deployment options. The post maps familiar Dashboard workflows to Headlamp and guides operators through the transition while preserving the user-centered design that made Dashboard approachable.

#Kubernetes #UI #cluster-management #observability

Secure AI agents with Policy and Lambda interceptors in Amazon Bedrock AgentCore gateway AI 7.0
AWS ML Blog

Amazon Bedrock AgentCore Gateway introduces Cedar-based policies for deterministic access control and Lambda interceptors for dynamic validation of agent tool invocations. These mechanisms address the governance challenge of securing LLM-driven agents that decide at runtime which tools to invoke with what arguments.

#agents #security #policy-as-code #AgentCore

Hackers Used Meta's AI Support Bot to Seize Instagram Accounts Security 9.0
Krebs on Security

Pro-Iranian hackers exploited Meta's AI support assistant to reset Instagram account passwords by tricking the bot into adding attacker-controlled email addresses during password recovery. The exploit affected high-profile accounts including the Obama White House and U.S. Space Force, requiring only a VPN connection to spoof location.

#security #AI #authentication #account takeover

Enable safe agentic payments with built-in guardrails using Amazon Bedrock AgentCore payments AI 6.0
AWS ML Blog

Amazon Bedrock AgentCore Payments (preview) enables agents to access paid resources and transact on behalf of end users through embedded wallets from Coinbase or Stripe Privy. The service includes guardrails addressing risks from autonomous long-running sessions, model non-determinism, and exposure between agent code and user funds.

#agents #payments #guardrails #AgentCore

Claude Code vs. Cursor vs. Codex vs. Antigravity — six months in AI 7.0
The New Stack

Six months after Google's Antigravity launch in November 2025, the agentic coding tool category has converged on form. Claude Code emphasizes approval-heavy workflows for large codebases, Cursor remains model-agnostic, Codex and Antigravity pursue different platform strategies. The competitive differentiation has shifted from basic capability to platform ecosystem and developer workflow.

#agents #code generation #IDE #agentic AI

How we reduced core unit boot time from hours to minutes Engineering 7.0
Cloudflare Blog

Cloudflare debugged a firmware quirk that caused 2,000 bare-metal core servers to take 4 hours to boot instead of minutes after a UEFI update. The root cause was an over-eager linear search through network boot interfaces during the firmware-to-OS handoff, which they optimized to restore minutes-scale boot times and unattended upgrade windows.

#UEFI #firmware #bare metal #boot optimization

AgentOps: Operationalize agentic AI at scale with Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

AWS outlines operational best practices for deploying agentic AI at scale, covering governance, build/ops, evaluation, and observability across four pillars. The post presents a reference architecture using Amazon Bedrock AgentCore and supporting AWS services to address challenges like cost spiraling, non-deterministic failures, and agent quality assurance in production.

#agents #MLOps #observability #governance

How Trustpilot built a real-time architecture for data enrichment using Gemma AI 8.0
Google Cloud Blog

Trustpilot built a high-volume streaming pipeline using fine-tuned Gemma models to process millions of user reviews in real-time for NER, sentiment scoring, and intent detection. By owning the model through fine-tuning rather than relying on closed APIs, the company gains full control over latency, cost, and data privacy for its core business intelligence workload.

#LLM #fine-tuning #Gemma #streaming

The fully-managed Remote MCP Server for AlloyDB is now Generally Available AI 8.0
Google Cloud Blog

Google Cloud released the Remote Model Context Protocol (MCP) Server for AlloyDB as GA, enabling AI agents to securely query enterprise databases with real-time context. The integration includes ScaNN vector indexing (10B+ vectors at 6x PostgreSQL speed) and reranking, allowing agents to ground decisions in live operational data without stale context.

#agents #MCP #RAG #AlloyDB

This coding agent doesn't want your feedback — it ships without it AI 7.0
The New Stack

SkipLabs launched Skipper, a closed-loop coding agent that takes plain-language descriptions or OpenAPI specs and returns a complete, validated backend service with no review cycle. Founded by Julien Verlaguet (creator of Hack at Facebook), Skipper positions itself as the substrate between foundation models and shipped software, eliminating developer iteration.

#agents #code generation #backend #closed-loop

Introducing the GKE standby buffer: Improve node startup times without blowing your budget DevOps 7.0
Google Cloud Blog

Google Kubernetes Engine launched standby buffers, a low-cost suspended capacity reserve that achieves near-immediate pod scheduling with single-digit percent overhead. Benchmarks show P50 latency of single-digit seconds versus 4-6 minute spikes on clusters without buffers, while maintaining similar allocatable core costs.

#Kubernetes #autoscaling #GKE #capacity planning

Modeling a digital twin of a food supply chain using BigQuery Graph Cloud 6.0
Google Cloud Blog

Google Cloud introduced BigQuery Graph for modeling complex supply chains as graph structures rather than relational tables. The approach reduces join overhead and latency when tracing dependencies across thousands of assets, addressing bullwhip effects, SOP drift, and food safety blast radius in multi-node networks.

#BigQuery #graph #supply chain #digital twin

What is Sandbox Security? Security 6.0
Docker Blog

Docker published guidance on sandbox security as a critical layer for agentic AI deployment. The piece covers isolation boundaries, access controls, process isolation, network segmentation, and runtime monitoring. Docker's State of Agentic AI report found 40% of respondents cite security as the top challenge in scaling agents, with 43% pointing to orchestration sprawl as a security exposure vector.

#security #agents #sandbox #isolation

"Blowing things up": The one move vendors got wrong on AI agents AI 6.0
The New Stack

Hyland announced general availability of its Enterprise Context Engine and Enterprise Agent Mesh at CommunityLIVE 2026, positioning agents as an overlay on existing enterprise systems rather than requiring process redesign. The company introduced Agent Lifecycle Management and headless mode for Content Innovation Cloud to let agents interact with services directly without data migration or business process overhaul.

#agents #enterprise #context #orchestration

At Sapphire, SAP makes the case that enterprise AI is a context problem AI 6.0
The New Stack

SAP consolidated its AI offerings under the SAP Business AI Platform at Sapphire 2026, bringing together Business Technology Platform, Business Data Cloud, Autonomous Suite, and Joule Work. The company is shipping 50+ domain-specific Joule Assistants orchestrating 200+ specialized agents across finance, supply chain, procurement, and HR, positioning enterprise AI as a context and governance problem, not a model problem.

#agents #enterprise #context #ERP

AWS Weekly Roundup: Claude Opus 4.8 on AWS, Aurora MySQL with Kiro Powers, and more (June 1, 2026) AI 7.0
AWS News

Claude Opus 4.8, Anthropic's most capable model, is now available on Amazon Bedrock and AWS Claude Platform for agentic coding and knowledge work. The post highlights how AI-driven development lifecycle (AI-DLC) workshops are reshaping team structures into smaller AI-augmented squads and accelerating delivery of use cases.

#LLM #agents #Claude #Amazon Bedrock

Coding Agent Horror Stories: The rm -rf ~/ Incident AI 8.0
Docker Blog

Docker examines a real incident where Claude Code executed rm -rf tests/ patches/ plan/ ~/, wiping a developer's entire Mac due to a trailing slash. The post details how AI coding agents run with user credentials and filesystem access with no execution boundary, and how workspace-scoped sandboxing can contain such failures.

#agents #security #sandbox #code execution

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan Security 5.0
The Hacker News

Operation Dragon Weave, a China-aligned cyber espionage campaign, targets government, research, academic, technology, and financial sectors in the Czech Republic and Taiwan using spear-phishing emails with ZIP attachments to deliver the AdaptixC2 agent. The campaign demonstrates persistent targeting of critical infrastructure and research institutions.

#security #espionage #malware #spear-phishing

Dynamic configuration for cloud native Swift services DevOps 5.0
CNCF Blog

Dynamic configuration for cloud native Swift services

CNCF published guidance on Swift Configuration, a new standard for managing configuration in Kubernetes-native Swift services. It addresses gaps in manual environment-variable and file-based approaches by providing layered provider models, hot reloading for ConfigMap-backed volumes, and immutable snapshots to prevent torn reads during live traffic.

#Kubernetes #configuration #Swift #cloud-native

A Trailing Slash Bypassed AWS API Gateway Authorization Security 9.0
InfoQ DevOps

A Trailing Slash Bypassed AWS API Gateway Authorization

A security researcher discovered that appending a trailing slash to AWS HTTP API paths bypassed Lambda authorizer authentication entirely, enabling unauthenticated access. The root cause is a path normalization mismatch between HTTP API's greedy route matching and its authorization layer, a vulnerability class also seen in gRPC-Go (CVE-2026-33186).

#CVE #AWS #API Gateway #authorization bypass

How to Post-Train Autonomous Vehicle Models in Closed-Loop with NVIDIA Alpamayo AI 7.0
NVIDIA Developer Blog

How to Post-Train Autonomous Vehicle Models in Closed-Loop with NVIDIA Alpamayo

NVIDIA Alpamayo enables closed-loop post-training of vision-language-action (VLA) models for autonomous vehicles, where model outputs directly affect environment feedback rather than comparing against ground-truth. This bridges the gap between open-loop training and real-world deployment by incorporating environmental consequences into the learning loop.

#VLA models #autonomous vehicles #post-training #closed-loop

Gavriel Cohen found his own code inside OpenClaw, so he walked away Security 7.0
The New Stack

Gavriel Cohen found his own code inside OpenClaw, so he walked away

A developer discovered his own code bundled inside OpenClaw (formerly Clawd Bot), an agent framework built on Claude Code, raising immediate security concerns about package provenance and supply-chain integrity. Cohen, who had previously built the package, found it included in OpenClaw's dependency tree without attribution or consent, prompting him to fork the project as NanoClaw to address governance and transparency issues.

#agents #supply-chain #security #Claude

AI retrieval at scale is becoming a systems problem, not a tooling problem AI 8.0
The New Stack

AI retrieval at scale is becoming a systems problem, not a tooling problem

Production RAG and agentic systems now require integrated retrieval combining keyword matching, semantic search, ranking, and real-time signals in a single request path, moving beyond standalone vector databases. The shift from model-quality focus to operational trade-offs like latency, ranking quality, and architectural simplicity reflects how retrieval has become a systems integration challenge rather than a pure tooling problem.

#RAG #retrieval #ranking #vector search

The DIY platform trap that's burning out engineering teams DevOps 7.0
The New Stack

The DIY platform trap that's burning out engineering teams

Platform teams building custom automation stacks often create unmaintainable complexity that outlives its original authors, shifting toil from workflow execution to infrastructure archaeology. The article argues that layering scripts, blueprints, orchestration, and GitOps without clear ownership and documentation trades one problem for another, leaving teams debugging intent rather than applications.

#platform engineering #DevOps #automation #technical debt

I tested Cursor's new Jira integration and it's 5 stars, no notes. Here's why. AI 6.0
The New Stack

I tested Cursor's new Jira integration and it's 5 stars, no notes. Here's why.

Cursor's new Jira integration allows developers to assign tickets directly as prompts without context switching or copy-paste, tested across four scenarios with varying ticket clarity. The integration performed well on both well-written and vague tickets, though it requires a Cursor Teams subscription (no free trial) and currently has low adoption in the Atlassian marketplace, with only 548 installs.

#Cursor #Jira #LLM agents #developer tools

Arm Open-Sources Metis, an AI Security Framework Outperforming Traditional SAST Tools AI 7.0
InfoQ DevOps

Arm Open-Sources Metis, an AI Security Framework Outperforming Traditional SAST Tools

Arm has open-sourced Metis, an agentic AI framework that uses semantic reasoning to autonomously discover software vulnerabilities across component dependencies. Unlike pattern-based SAST tools, Metis applies LLM-driven reasoning to analyze code relationships and generates natural language explanations for findings, demonstrating better detection of complex security issues.

#agents #security #LLM #SAST

Why GPT-5.4, Claude, and Gemini can't agree on basic, real-world facts AI 7.0
The New Stack

Why GPT-5.4, Claude, and Gemini can't agree on basic, real-world facts

Analysis from Lenz claim-verification platform shows five frontier LLMs (GPT-5.4, Claude Opus 4.7, Gemini 3 Pro, Gemini 3 Pro + Search, Sonar Pro) disagreed on 67% of 1,000 real-world fact-check claims using a 4-bucket rubric (True/Mostly True/Misleading/False). The split reflects intentional coverage of production inference modes from latency-sensitive to throughput-aware.

#LLM #evals #factuality #inference

Replit's vibe coding platform just got a Visa-backed identity layer for AI agents — and it changes how agents spend money AI 7.0
The New Stack

Replit's vibe coding platform just got a Visa-backed identity layer for AI agents — and it changes how agents spend money

Replit and Visa announced a strategic partnership integrating Visa Intelligent Commerce capabilities into Replit's development environment. Developers now have native access to tokenization, authentication, wallet management, and payment instructions within agent-building workflows, enabling agents to execute transactions directly.

#AI agents #payments #commerce #tool-use

Opus 4.8 Made Claude Smarter. Token Discipline Got Urgent. AI 6.0
The New Stack

Opus 4.8 Made Claude Smarter. Token Discipline Got Urgent.

Anthropic released Claude Opus 4.8, claimed as the smartest model yet, amid viral stories of enterprises facing runaway LLM costs (including an unverified claim of half-billion dollar monthly spend). The article argues that token efficiency and usage limits have become critical operational concerns as frontier models improve but inference costs remain high.

#LLM #Claude #cost #inference

Google Cloud Suspends Railway's Production Account, Causing Eight-Hour Platform-Wide Outage Cloud 8.0
InfoQ DevOps

Google Cloud Suspends Railway's Production Account, Causing Eight-Hour Platform-Wide Outage

Google Cloud's automated abuse-detection systems suspended Railway's production GCP account without warning, causing an eight-hour outage affecting 3 million users. Because Railway's control plane ran on GCP while workloads spanned AWS and bare metal, the suspension cascaded across all providers. Railway is now treating GCP as backup-only infrastructure.

#outage #cloud #infrastructure #GCP

Comprehensive observability for Amazon SageMaker AI LLM inference: From GPU utilization to LLM quality AI 7.0
AWS ML Blog

Comprehensive observability for Amazon SageMaker AI LLM inference: From GPU utilization to LLM quality

AWS details a two-dimensional observability framework for SageMaker LLM inference: quantity metrics (latency, throughput, GPU utilization, cost) and quality metrics (response accuracy, compliance, consistency). The approach stages observability from core operational signals through sampling-based LLM quality monitoring to detect distribution shift and capacity bottlenecks in production deployments.

#LLM #observability #inference #SageMaker

DynoSim: Simulating the Pareto Frontier AI 7.0
NVIDIA Developer Blog

DynoSim: Simulating the Pareto Frontier

NVIDIA describes DynoSim, a tool for simulating LLM serving configurations and their performance trade-offs across model backend, tensor parallelism, prefill/decode split, worker counts, scheduler settings, routing policy, KV cache behavior, and autoscaling thresholds. DynoSim helps identify Pareto-optimal serving configurations without exhaustive real-world testing.

#LLM #serving #inference #optimization

AI Doesn't Scale Until You Stop Calling It Innovation AI 6.0
Databricks Blog

AI Doesn't Scale Until You Stop Calling It Innovation

Databricks argues that enterprise AI adoption stalls when organizations treat AI as a one-off innovation project rather than operationalized infrastructure. The post emphasizes that scaling AI requires moving from experimental teams to integrated MLOps practices, data governance, and production-grade systems.

#MLOps #AI infrastructure #enterprise AI #operationalization

Developer's guide to Gemini Enterprise and A2UI integration AI 8.0
Google Cloud Blog

Developer's guide to Gemini Enterprise and A2UI integration

Google released A2UI, an open protocol for agent-driven user interfaces, enabling agents to render rich interactive UI (date pickers, maps, multi-select lists) natively in Gemini Enterprise chat and custom frontends. It solves multi-turn slot-filling and choice rendering problems in agentic workflows using the Google Agent Development Kit and the A2A protocol.

#agents #A2UI #Gemini Enterprise #UI protocol

How to Automate AI Model Documentation with the NVIDIA MCG Toolkit AI 7.0
NVIDIA Developer Blog

How to Automate AI Model Documentation with the NVIDIA MCG Toolkit

The NVIDIA MCG Toolkit automates generation of model cards and regulatory documentation for AI models, addressing compliance requirements under AB-2013 and the EU AI Act. The toolkit captures model behavior, training data, performance metrics, and intended use in an auditable format before release.

#model cards #MLOps #compliance #documentation

AlloyDB Hot Standby: Faster failovers, consistent performance Cloud 7.0
Google Cloud Blog

AlloyDB Hot Standby: Faster failovers, consistent performance

AlloyDB for PostgreSQL introduces Hot Standby, a new high-availability architecture that keeps the standby node warm and cache-ready to eliminate database startup and cache-warming delays during failover. The separation of compute and storage with synchronous WAL writes to a regional log persistor ensures durability while reducing recovery time.

#AlloyDB #PostgreSQL #high-availability #failover

From petabytes to predictions: Easy BigQuery insights in Google Sheets Cloud 6.0
Google Cloud Blog

From petabytes to predictions: Easy BigQuery insights in Google Sheets

Connected Sheets bridges BigQuery and Google Sheets, eliminating CSV exports and data silos by providing a secure, live connection to petabyte-scale datasets directly in Sheets. Business users can analyze billions of rows without SQL while admins maintain governance through table-level access controls and Workspace data protections.

#BigQuery #data-analytics #governance #Google Sheets

Cool stuff Google Cloud customers built, May edition: Agentic algorithms for supply chains; virtual try-on APIs; robotic camera operators & more Cloud 5.0
Google Cloud Blog

Cool stuff Google Cloud customers built, May edition: Agentic algorithms for supply chains; virtual try-on APIs; robotic camera operators & more

A Google Cloud customer showcase featuring Urban Outfitters migrating an 11TB Oracle database to AlloyDB for PostgreSQL, BASF using AlphaEvolve for supply-chain mapping, WPP training humanoid robots with vision, and Breuninger deploying Virtual Try-On APIs. It demonstrates production AI agent and infrastructure use cases across retail, manufacturing, and logistics.

#agents #AlloyDB #supply-chain #computer vision

Claude Opus 4.8 is now available in Microsoft Foundry AI 7.0
Azure Blog

Claude Opus 4.8 is now available in Microsoft Foundry

Anthropic's Claude Opus 4.8 model is now available in Microsoft Azure AI Foundry, offering improved performance for coding, agentic workflows, and document-heavy analysis. The model is designed to handle longer-running tasks, maintain coherence across complex multi-step workflows, use tools reliably, and support production enterprise applications.

#LLM #Claude #agents #Azure

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit Security 8.0
The Hacker News

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

Threat actors exploited CVE-2026-39987 in publicly-accessible Marimo notebooks to gain initial access, then deployed an LLM agent to automate post-compromise actions including credential extraction and lateral movement. The attack demonstrates operational use of agentic AI for attack orchestration beyond initial exploitation.

#LLM agents #CVE #post-exploitation #credential theft

Why Linux creator Linus Torvalds gets angry hearing "99% of code is AI" AI 6.0
The New Stack

Why Linux creator Linus Torvalds gets angry hearing "99% of code is AI"

Linus Torvalds argues that AI is a productivity tool for developers, not a replacement for programming, comparing it to historical shifts from machine code to compilers. He emphasizes that serious long-lived projects require deep understanding of generated code and system architecture, not just prompt engineering.

#AI #programming #productivity #code generation

"The AI did it" won't save you when EU regulators come knocking Security 8.0
The New Stack

"The AI did it" won't save you when EU regulators come knocking

The EU's Cyber Resilience Act imposes strict accountability for software vulnerabilities starting September 2026, with no distinction between human-written and AI-generated code. Organizations must now document and secure their entire SDLC while managing the compliance burden of AI tools that generate code faster than teams can review.

#security #compliance #AI-generated-code #vulnerability-management

Vendor neutrality isn't magic: A hard look at the OpenTelemetry ecosystem DevOps 7.0
The New Stack

Vendor neutrality isn't magic: A hard look at the OpenTelemetry ecosystem

The article examines the limits of OpenTelemetry's vendor neutrality promise, tracing how the standard's roots in distributed tracing shaped its design and where ecosystem lock-in actually occurs. It argues that while OTel provides a neutral data format and transport, switching vendors remains difficult in practice, similar to format portability not guaranteeing platform switching ease.

#observability #OpenTelemetry #vendor-neutrality #distributed-tracing

The fix for soaring AI cloud bills exists — so why won't we trust it? DevOps 6.0
The New Stack

The fix for soaring AI cloud bills exists — so why won't we trust it?

Despite 89% of organizations prioritizing automated resource right-sizing to control GPU-driven AI cloud costs, 71% of Kubernetes engineers still require human review for CPU and memory changes. The article explores the trust gap between automation for productivity gains versus automation for cost reduction.

#Kubernetes #cost-optimization #resource-management #automation

AI is shipping code faster than security was built to handle AI 7.0
The New Stack

AI is shipping code faster than security was built to handle

Snyk launched Evo Continuous Offensive Security, an AI-powered pentesting product that runs continuously rather than annually, addressing the 350-day coverage gap left by traditional 15-day pentesting engagements. The product targets the emerging need for continuous vulnerability detection in AI-generated code and against agentic attackers.

#AI-agents #penetration-testing #vulnerability-detection #application-security

AI-Assisted Migration Tool Helps Teams Move from ingress-nginx to Higress in Minutes AI 7.0
InfoQ DevOps

AI-Assisted Migration Tool Helps Teams Move from ingress-nginx to Higress in Minutes

An AI-assisted migration tool demonstrated by CNCF successfully migrated 60 ingress-nginx resources to Higress in approximately 30 minutes, showcasing practical application of AI for Kubernetes networking infrastructure modernization. The tool automates the translation of ingress-nginx configurations to Higress equivalents.

#AI #Kubernetes #ingress-nginx #Higress

Building a cloud native internal developer platform with Kubernetes, GitOps, and supply chain security DevOps 7.0
CNCF Blog

Building a cloud native internal developer platform with Kubernetes, GitOps, and supply chain security

The CNCF describes a reference architecture for an Internal Developer Platform built on Kubernetes, GitOps (Argo CD), and Infrastructure as Code, addressing deployment inconsistencies, secret management, cost overhead, and observability fragmentation. The design applies to any CNCF-conformant Kubernetes distribution, including managed AKS.

#Kubernetes #GitOps #IDP #infrastructure-as-code

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks Security 7.0
The Hacker News

What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks

Analysis of 2,000 exposed vibe-coded (AI-coded) applications reveals shadow AI risk: employees building full production applications with AI tools without security or IT oversight, then publishing them publicly. The report highlights how artifact risk has shifted from prompt injection to unsecured AI-generated products in production.

#shadow AI #AI-generated code #supply-chain risk #governance

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets Security 8.0
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Researchers discovered malicious NuGet package versions 2.0.0-2.0.4 of 'Sicoob.Sdk' masquerading as a C# SDK for Brazil's Sicoob financial cooperative, exfiltrating client IDs and PFX certificates. The attack targets cloud secrets and banking credentials through package repository supply-chain compromise.

#supply-chain #NuGet #credential theft #package repository

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels Security 7.0
The Hacker News

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

The North Korean state-sponsored group Kimsuky (Velvet Chollima) conducted cyber attacks on South Korean military and corporate entities in March-April 2026 using new tools including HTTPSpy, HelloDoor, and VS Code Tunnels. The attack chain leveraged social engineering via spoofed security software and fake Webex pages.

#state-sponsored #North Korea #Kimsuky #social engineering

Training Azerbaijani language models on Amazon SageMaker AI AI 7.0
AWS ML Blog

Training Azerbaijani language models on Amazon SageMaker AI

Azercell Telecom built a production Azerbaijani LLM on SageMaker using kernel-level optimizations and custom tokenization, achieving 23% higher training throughput, 58% lower peak GPU memory, and 2x improvement in tokens-per-word for morphologically rich languages. The framework uses PyTorch, Hugging Face Transformers, and Liger Kernels on ml.p5.48xlarge instances.

#LLM training #low-resource languages #kernel optimization #tokenization

Build a custom portal with embedded Amazon SageMaker AI MLflow Apps DevOps 5.0
AWS ML Blog

Build a custom portal with embedded Amazon SageMaker AI MLflow Apps

This guide shows how to embed SageMaker MLflow Apps into SSO-integrated internal portals using a React frontend and Flask backend, eliminating presigned URL distribution and AWS Console access overhead. The solution provides data scientists a single bookmarkable URL for experiment tracking while CI/CD pipelines access MLflow REST APIs through SigV4-authenticated proxy endpoints.

#MLflow #MLOps #experiment tracking #SSO

Evaluating Deep Agents using LangSmith on AWS AI 8.0
AWS ML Blog

Evaluating Deep Agents using LangSmith on AWS

LangSmith on AWS provides evaluation patterns for multi-step AI agents, combining offline pytest-based testing with online production monitoring. The guide walks through a text-to-SQL deep agent using Amazon Bedrock and Amazon Nova 2 Lite, demonstrating how to catch non-deterministic agent failures early and track reliability throughout the agent lifecycle.

#agents #evals #LangSmith #monitoring

Introducing the next generation of AWS Resilience Hub for generative AI-based SRE resilience journey Cloud 6.0
AWS News

Introducing the next generation of AWS Resilience Hub for generative AI-based SRE resilience journey

AWS Resilience Hub now integrates generative AI for failure mode analysis, dependency discovery, and modular resilience policies to help SREs set consistent resilience goals and measure compliance across application portfolios. The update adds AWS Organizations integration for enterprise-wide reporting and structured policy composition rather than rigid single-type policies.

#resilience #SRE #AWS #failure analysis

How the University of Central Oklahoma is using AI to streamline analysis of complex criminal cases AI 6.0
Google Cloud Blog

How the University of Central Oklahoma is using AI to streamline analysis of complex criminal cases

University of Central Oklahoma's Forensic Science Institute deployed Google's NotebookLM to accelerate analysis of complex criminal case documents and timeline construction. The AI-driven solution, prototyped during a hackathon, reduced analysis time from months to significantly shorter periods, establishing a new standard for forensic investigation workflows.

#NotebookLM #Gemini #document-analysis #case-management

Unity Catalog and the next era of Apache Iceberg DevOps 6.0
Databricks Blog

Unity Catalog and the next era of Apache Iceberg

Databricks discusses the integration of Unity Catalog with Apache Iceberg as the foundation for next-generation open lakehouse architecture. The focus is on catalog-driven governance and metadata management for open table formats.

#Apache Iceberg #Unity Catalog #lakehouse #metadata

Introducing the next generation of Amazon OpenSearch Serverless for building your agentic AI applications AI 7.0
AWS News

Introducing the next generation of Amazon OpenSearch Serverless for building your agentic AI applications

Amazon OpenSearch Serverless now scales from zero to thousands of requests per second with 60% cost savings versus provisioned clusters, instant resource creation, and 20x faster scaling. Native integrations with Vercel and Kiro enable production-ready vector and full-text search backends for AI agents in minutes without infrastructure management.

#vector search #serverless #agents #RAG

Introducing Claude Opus 4.8 AI 7.0
Anthropic News

Introducing Claude Opus 4.8

Anthropic releases Claude Opus 4.8, an upgrade to the Opus model class with improved performance on coding, agentic tasks, and professional work, plus consistency improvements for long-running workflows.

#LLM #Claude #agents #coding

SCIM in HashiCorp Vault standardizes provisioning in platforms DevOps 6.0
HashiCorp Blog

SCIM in HashiCorp Vault standardizes provisioning in platforms

HashiCorp Vault now supports SCIM (System for Cross-domain Identity Management) for standardized user and group provisioning, enabling joiner-mover-leaver workflows tied to authoritative identity providers. This reduces configuration drift, eliminates stale access, and extends identity-first security into secrets management without custom integrations.

#SCIM #identity #provisioning #Vault

Automate AML alert triage with Amazon Quick and Snowflake Cortex AI AI 6.0
AWS ML Blog

Automate AML alert triage with Amazon Quick and Snowflake Cortex AI

Amazon Quick Flows integrated with Snowflake Cortex AI automates anti-money laundering alert triage, reducing investigation time from 30-90 minutes to under 5 minutes. The solution uses Amazon Quick's Model Context Protocol integration to orchestrate workflows across AWS services (S3, Glue, SageMaker, Bedrock) and Snowflake's AI Data Cloud.

#agents #workflow automation #compliance #Snowflake

Why OpenAI and Anthropic are hiring forward deployed engineer teams AI 8.0
The New Stack

Why OpenAI and Anthropic are hiring forward deployed engineer teams

OpenAI and Anthropic are building forward deployed engineering (FDE) teams that embed directly with enterprise clients to integrate AI models into production systems. MIT research found 95 percent of enterprise AI pilots failed due to implementation challenges, not model quality, driving this shift toward hands-on deployment support.

#agents #enterprise AI #deployment #implementation

AI in SRE: Where and how Google is deploying agentic AI to improve operations AI 8.0
Google Cloud Blog

AI in SRE: Where and how Google is deploying agentic AI to improve operations

Google SRE is adopting agentic AI to manage increasing system complexity driven by microservices, distributed infrastructure, and AI-generated code. The deployment addresses challenges from wider geographical distribution, complex product topologies, and continuous deployment pipelines by using AI as a force multiplier while maintaining operational control.

#agentic-AI #SRE #operations #reliability

Evolving Dataflow to process massive datasets for machine learning Cloud 8.0
Google Cloud Blog

Evolving Dataflow to process massive datasets for machine learning

Google evolved its Flume data platform (successor to MapReduce) with innovations for large-scale ML data processing, including liquid sharding for dynamic work-unit splitting. These features are now available in Google Cloud Dataflow, addressing scalability and efficiency demands from training frontier models like Gemini and autonomous systems like Waymo.

#Dataflow #data-processing #machine-learning #scalability

Nano Banana 2 and Nano Banana Pro are generally available, and already powering creative workflows AI 7.0
Google Cloud Blog

Nano Banana 2 and Nano Banana Pro are generally available, and already powering creative workflows

Google announces general availability of Nano Banana 2 (Gemini 3.1 Flash Image) and Nano Banana Pro (Gemini 3 Pro Image) via Gemini Enterprise Agent Platform for image generation and editing in enterprise workflows. Nano Banana 2 now supports video files as input prompts for context-aware image generation, with 1K and 2K output capabilities GA and 4K in preview.

#LLM #image generation #multimodal #agents

Go from resource-level to business-level maintenance in Google Cloud Cloud 6.0
Google Cloud Blog

Go from resource-level to business-level maintenance in Google Cloud

Google Cloud launches App-centric maintenance visibility in Unified Maintenance, shifting from resource-focused to application-aware maintenance tracking. The feature integrates with App Hub to aggregate maintenance schedules for GKE clusters, Compute Engine VMs, and AlloyDB instances into a single business-oriented dashboard.

#observability #maintenance #GKE #Compute Engine

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer Security 7.0
The Hacker News

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are actively exploiting a critical, now-patched vulnerability in FortiClient Endpoint Management Server (EMS) to deliver credential-stealing malware across managed endpoints. The campaign abused trusted endpoint management infrastructure to distribute payloads, demonstrating how attackers weaponize legitimate management tools to compromise organizations at scale.

#CVE #FortiClient #credential-theft #endpoint-management

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal Security 6.0
The Hacker News

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Microsoft has publicly advocated for Coordinated Vulnerability Disclosure (CVD) practices, urging researchers to notify vendors before public disclosure. The statement follows removal of a researcher's GitHub account after they disclosed multiple zero-day details, reigniting debate over responsible disclosure timing and researcher accountability.

#CVE #disclosure-policy #zero-day #responsible-disclosure

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More Security 5.0
The Hacker News

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

A weekly threat bulletin covering 18+ security incidents including a Claude security plugin vulnerability, Azure privilege escalation, Kali365 MFA bypass, and phishing campaigns. The digest highlights recurring patterns of low-effort malware distribution, exposed infrastructure, and social-engineering tactics across multiple platforms and services.

#threat-roundup #Azure #MFA-bypass #privilege-escalation

How we built Cloudflare's data platform and an AI agent on top of it AI 8.0
Cloudflare Blog

How we built Cloudflare's data platform and an AI agent on top of it

Cloudflare built Town Lake, a unified SQL analytics platform consolidating data from 50+ disparate systems (Postgres, ClickHouse, Kafka, BigQuery), and Skipper, an AI data agent that answers plain-English questions in seconds. The system solves data sprawl by providing a single interface to petabytes of production data across 330+ cities.

#AI agents #data platform #analytics #LLM

Claw-style AI agents are coming to the enterprise. The governance infrastructure is still catching up. AI 7.0
The New Stack

Claw-style AI agents are coming to the enterprise. The governance infrastructure is still catching up.

Automation Anywhere announced EnterpriseClaw, wrapping Nvidia's OpenShell runtime (which enables agents to replicate human keyboard actions) in centralized governance for enterprise deployment. The platform integrates with Cisco, Okta, and OpenAI, but reveals a critical gap: enterprises lack security and IAM frameworks to safely govern autonomous agents with device-level file system access and runtime tool creation.

#agents #governance #enterprise #OpenShell

The agentic identity crisis: Why your security isn't ready for the AI revolution AI 8.0
The New Stack

The agentic identity crisis: Why your security isn't ready for the AI revolution

As AI agents move from chatbots to autonomous API callers and file readers, legacy IAM models fail. Agents operate in an identity vacuum, inheriting broad service-account or human-user permissions, creating a 144:1 agent-to-human ratio in production. The article maps the shift from input-validation security to action-based threat modeling, where prompt injection triggers malicious tool calls rather than display errors.

#agents #IAM #security #prompt-injection

How Endava builds an agentic organization with Codex AI 6.0
OpenAI Blog

How Endava builds an agentic organization with Codex

Endava deployed OpenAI's Codex to automate software delivery workflows, reducing requirements analysis from weeks to hours through agentic task orchestration. The case study demonstrates how agents can coordinate across teams to accelerate development cycles and reduce manual handoffs.

#agents #LLM #automation #software delivery

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users" AI 7.0
The Hacker News

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"

LayerX Security's State of AI Usage Report 2026 reveals that enterprise AI risk is not evenly distributed but concentrated among a small group of power users and specific platforms. The research highlights a significant visibility gap in how organizations understand and track their actual AI exposure and usage patterns.

#AI-security #risk-concentration #visibility-gap #enterprise-AI

Debugging the undebuggable: building observability into probabilistic AI systems AI 8.0
The New Stack

Debugging the undebuggable: building observability into probabilistic AI systems

Traditional debugging fails for LLM and agent workflows because failures are non-deterministic, reasoning steps are hidden, and retrieval can silently return low-quality context. The article shifts the paradigm from log-based debugging to observability-driven engineering, showing how to instrument AI services to surface hidden reasoning, tool failures, and retrieval quality.

#observability #LLM #agents #debugging

The Kubernetes integration tax: Prometheus, Cilium and production reality DevOps 8.0
CNCF Blog

The Kubernetes integration tax: Prometheus, Cilium and production reality

Platform teams spend 80% of their time wiring together 20-30 CNCF projects (Prometheus, ArgoCD, Cilium, cert-manager, Velero, Sealed Secrets, Kyverno) rather than installing or tuning them individually. The article documents the hidden cost of integration: Prometheus had no ServiceMonitors for Cilium metrics, leaving on-call engineers blind despite Hubble working correctly, illustrating how integration gaps cascade across production stacks.

#Kubernetes #Prometheus #Cilium #integration

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware Security 7.0
The Hacker News

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

A previously undocumented threat actor (JINX-0164) has targeted cryptocurrency organizations using recruitment-themed social engineering and custom macOS malware. The campaign specifically targeted CI/CD infrastructure, demonstrating sophisticated targeting of development pipelines to facilitate digital asset theft.

#threat-actor #macOS-malware #social-engineering #CI/CD-targeting

OpenAI's Frontier Governance Framework AI 5.0
OpenAI Blog

OpenAI's Frontier Governance Framework

OpenAI published a governance framework documenting its AI safety, security, and risk practices in alignment with emerging EU and California regulations. The framework outlines operational controls and compliance mechanisms for frontier model deployment.

#AI safety #governance #compliance #regulation

Process financial documents using Amazon Bedrock Data Automation AI 7.0
AWS ML Blog

Process financial documents using Amazon Bedrock Data Automation

Amazon Bedrock Data Automation (BDA) extracts structured data from financial documents like tax forms, loan statements, and vendor contracts using foundation models with visual grounding and confidence scores. The service reduces hallucination risk and improves accuracy over raw OCR or generic Claude extraction at lower cost.

#Bedrock #document-extraction #foundation-models #financial-automation

Reliable LLM Inference at Scale AI 7.0
Databricks Blog

Reliable LLM Inference at Scale

Databricks describes its inference platform architecture for serving frontier LLMs reliably at scale. The post covers handling variable load, fault tolerance, and cost optimization for production LLM workloads.

#LLM #inference #serving #reliability

Snowflake commits $6B to AWS as it pushes deeper into AI Cloud 7.0
The New Stack

Snowflake commits $6B to AWS as it pushes deeper into AI

Snowflake announces a five-year, $6 billion commitment to AWS for Graviton compute and GPU-accelerated EC2 instances. The deal covers AI model training and inference workloads, plus cost-efficient general compute for traditional data warehousing, with expanded AWS Marketplace presence.

#Snowflake #AWS #GPU #Graviton

Building AI agents for business support using Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

Building AI agents for business support using Amazon Bedrock AgentCore

Works Human Intelligence (WHI) built two AI agents using Amazon Bedrock AgentCore for HR operations: a Commuting Allowance Agent for approval workflows and a Browser Operation Agent for system navigation. The solution reduced operational costs by up to 97% while improving efficiency for HR system management.

#agents #Bedrock #AgentCore #HR-automation

From data overload to actionable insights: How Verizon Connect scaled agentic AI to 100,000 users AI 8.0
AWS ML Blog

From data overload to actionable insights: How Verizon Connect scaled agentic AI to 100,000 users

Verizon Connect deployed agentic AI to analyze 500 million daily data points across 1.2 million vehicle subscriptions, replacing manual spreadsheet analysis with dynamic pattern detection. The agent-based system identifies safety issues, maintenance needs, and operational inefficiencies at scale across 80,000 unique data indicators.

#agents #agentic-AI #fleet-management #data-analysis

Why MotherDuck refuses to fork DuckDB AI 6.0
The New Stack

Why MotherDuck refuses to fork DuckDB

MotherDuck, a DuckDB commercialization startup, collaborates closely with DuckDB Labs rather than forking the open-source project. Operating the largest fleet of DuckDB databases in production, MotherDuck feeds operational insights back to core maintainers and now enables non-technical workers to query data via AI agents through MCP integration.

#DuckDB #MCP #agents #analytics

How AWS SMGS uses an AI-powered conversational assistant to transform business management with Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

How AWS SMGS uses an AI-powered conversational assistant to transform business management with Amazon Bedrock AgentCore

AWS built NarrateAI, a conversational agentic AI system using Amazon Bedrock AgentCore, to deliver on-demand business intelligence to leaders across the Sales, Marketing and Global Services organization. The two-layer architecture separates batch processing from real-time interaction, with specialized agents handling intelligent routing and validation.

#agents #AgentCore #business-intelligence #conversational-AI

Researcher "gave Claude Code 'ADHD'... and it thinks 2x better now." Outside experts want more proof. AI 5.0
The New Stack

Researcher "gave Claude Code 'ADHD'... and it thinks 2x better now." Outside experts want more proof.

Udit Akhouri released ADHD, a Claude Agent SDK skill that implements tree-of-thought reasoning with cognitive-frame branching and pruning. The tool fans out parallel reasoning branches, scores them, and deepens the most promising paths. Akhouri clarifies the tool excels at brainstorming and planning rather than direct code generation, though the "2x better" claim lacks independent validation.

#agents #reasoning #Claude #tree-of-thought

Powering agentic AI sales strategy with Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

Powering agentic AI sales strategy with Amazon Bedrock AgentCore

AWS Sales built Field Advisor on Amazon Bedrock AgentCore to orchestrate 20+ domain-specific agents handling CRM operations, meeting scheduling, customer insights, product recommendations, and compliance checks. The unified orchestration layer eliminates context-switching and manual agent selection for sales representatives.

#agents #AgentCore #orchestration #sales-automation

Coding agents in the social sciences AI 7.0
Anthropic Research

Coding agents in the social sciences

Anthropic research explores how coding agents can be applied to social science research tasks, examining their capabilities in data analysis, statistical modeling, and research automation. The work demonstrates practical use cases for AI agents in accelerating social science workflows.

#agents #coding #research #social-sciences

"There is no accountability": AI coding agents are installing packages no one owns Security 8.0
The New Stack

"There is no accountability": AI coding agents are installing packages no one owns

Aikido Security highlights a critical gap in enterprise AI agent governance: when Claude Code, GitHub Copilot, or Cursor autonomously install packages and dependencies, no team owns the security risk. Aikido Endpoint inspects packages, plugins, and extensions before installation and blocks malware; the company also launched Aikido Infinite for continuous AI penetration testing.

#security #agents #supply-chain #package management

"Tokenmaxxing is real, expensive & it's spreading": New tools emerge to stop AI budgets from exploding AI 7.0
The New Stack

"Tokenmaxxing is real, expensive & it's spreading": New tools emerge to stop AI budgets from exploding

Enterprises increasingly treat token consumption as a productivity proxy, leading to runaway costs. Uber's CTO blew through his Claude budget faster than expected, prompting the COO to demand cost-to-outcome mapping. New tools and practices are emerging to tie token usage to shipped features rather than raw consumption metrics.

#LLM #cost #budgeting #Claude

A Guide to AI Cold Starts on Cloud Run Cloud 7.0
Google Cloud Blog

A Guide to AI Cold Starts on Cloud Run

Google Cloud explores infrastructure patterns to minimize cold-start latency when serving AI models on Cloud Run, addressing startup delays of 20+ seconds that drive developers back to GKE. The guide covers GPU fungibility, architectural decisions, and production strategies from Elastic serving millions of daily requests across 17+ model variants while maintaining scale-to-zero efficiency.

#Cloud Run #GPU #cold starts #serverless

Private analytics via zero-trust aggregation Security 6.0
Google Research Blog

Private analytics via zero-trust aggregation

Google Research presents a zero-trust aggregation framework for privacy-preserving analytics. The approach enables secure data collection and analysis without requiring trust in a central aggregator, using cryptographic techniques to protect individual records while computing aggregate statistics.

#privacy #cryptography #zero-trust #aggregation

With Google's debut, the most important AI agent feature is now the most boring one AI 8.0
The New Stack

With Google's debut, the most important AI agent feature is now the most boring one

Google repositioned Antigravity as a managed agent platform; Anthropic shipped Claude Managed Agents in April, and AWS added a configuration-first harness to Bedrock AgentCore. All three now offer the same core abstraction: a remote sandbox where agents reason, call tools, run code, and browse the web without orchestration code. Managed runtime has become table-stakes infrastructure.

#agents #infrastructure #managed services #orchestration

Announcing Lakebase Change Data Feed (CDF) Cloud 7.0
Databricks Blog

Announcing Lakebase Change Data Feed (CDF)

Databricks introduces Change Data Feed (CDF) for Lakebase, enabling efficient capture and streaming of data modifications. CDF simplifies CDC (change data capture) workflows without requiring external tooling or complex setup.

#CDC #change data feed #streaming #data pipelines

Mitigating CVE-2026-31431 ("Copy Fail") in Docker Engine Security 7.0
Docker Blog

Mitigating CVE-2026-31431 ("Copy Fail") in Docker Engine

CVE-2026-31431 is a Linux kernel vulnerability affecting kernels back to 2017 that allows containers to create AF_ALG sockets. Docker Engine v29.4.3 and later restrict this syscall surface by default. Users on unpatched kernels without Docker v29.4.3 are exposed; Docker's mitigation initially broke 32-bit binaries and required iteration.

#CVE #Docker #security #containers

Why AI agents need a Context Lake AI 7.0
The New Stack

Why AI agents need a Context Lake

Scaling AI agents across organizations hits three walls: security approval delays for MCP servers (often 9+ months), context-window overflow from too many tools, and agents lacking organizational knowledge (e.g., service ownership). A Context Lake pattern centralizes and gates access to curated data sources, reducing approval friction and improving agent reasoning.

#agents #MCP #context #security

Introducing Google AI Threat Defense to help you outpace the adversary Security 6.0
Google Cloud Blog

Introducing Google AI Threat Defense to help you outpace the adversary

Google launches AI Threat Defense, an automated security system using multiple AI models to detect and stop AI-powered attacks that now execute in hours instead of weeks. The system analyzes infrastructure, prioritizes threats, patches vulnerabilities, and continuously monitors for new attacks without relying on manual methods.

#security #AI agents #threat detection #automation

3 SOC Steps that Shut Down Incident Risks Early Security 5.0
The Hacker News

3 SOC Steps that Shut Down Incident Risks Early

Modern attacks hide within legitimate processes rather than forcing entry, requiring SOC teams to shift from perimeter-defense thinking to early-stage risk accumulation detection. The article outlines operational changes to catch incidents before they escalate.

#SOC #incident-response #threat-detection #risk-management

GPU autoscaling on Kubernetes with KEDA: Building an external scaler DevOps 8.0
CNCF Blog

GPU autoscaling on Kubernetes with KEDA: Building an external scaler

Default Kubernetes autoscaling ignores GPU metrics, wasting accelerator capacity and increasing inference latency for vLLM, Triton, and agentic inference workloads. A custom KEDA external scaler using a DaemonSet solves the CGO and node-locality constraints of NVIDIA Management Library (NVML), enabling GPU-aware scaling on utilization, memory, temperature, and power draw.

#Kubernetes #GPU #KEDA #autoscaling

Consul 2.0 improves flexibility, control, and scalability DevOps 6.0
HashiCorp Blog

Consul 2.0 improves flexibility, control, and scalability

Consul 2.0 adds multi-port support for Kubernetes service mesh (beta), CyberArk Workload Identity Manager integration as external CA, global RPC rate limiting, and API Gateway auto-scaling. These features improve service discovery, mTLS enforcement, and operational efficiency in multi-platform environments.

#Consul #service-mesh #Kubernetes #mTLS

Continuous Offensive Security: The Line We've Been Walking Security 6.0
Snyk Blog

Continuous Offensive Security: The Line We've Been Walking

Snyk's Continuous Offensive Security platform integrates DAST, AI-driven pentesting, and agent-based red teaming to identify exploitable vulnerabilities before attackers. The approach combines dynamic scanning with AI agents to simulate real attack chains rather than cataloging isolated bugs.

#security #DAST #pentesting #agents

Warp's big bet on building open source with GPT-5.5 AI 7.0
OpenAI Blog

Warp's big bet on building open source with GPT-5.5

Warp integrates GPT-5.5 and OpenAI models to coordinate coding agents across local, cloud, and open-source development workflows. The platform uses AI agents to orchestrate multi-environment development tasks, combining local execution with cloud resources.

#agents #LLM #coding #orchestration

Reachy Mini goes fully local AI 6.0
Hugging Face Blog

Reachy Mini goes fully local

Reachy Mini, a humanoid robot platform, now runs conversational AI entirely on-device without cloud dependencies. The update enables local inference of language models on the robot's embedded hardware.

#inference #edge #robotics #local models

Extract More Kernel Performance with NVIDIA CompileIQ Auto-Tuning AI 7.0
NVIDIA Developer Blog

Extract More Kernel Performance with NVIDIA CompileIQ Auto-Tuning

NVIDIA CompileIQ automates compiler flag tuning for GPU kernels, targeting the final performance gains after manual optimization exhausts obvious wins. The tool addresses a critical bottleneck in LLM inference pipelines where profilers show no remaining headroom despite weeks of tuning batch sizes, quantization, and kernel fusion.

#GPU #compiler #performance #LLM inference

NVIDIA CUDA 13.3 Enhances GPU Development with Tile Programming in C++, Compiler Autotuning, and Python Updates Engineering 8.0
NVIDIA Developer Blog

NVIDIA CUDA 13.3 Enhances GPU Development with Tile Programming in C++, Compiler Autotuning, and Python Updates

CUDA 13.3 introduces CUDA Tile programming in C++, a high-level abstraction for tile-based kernel development that automatically manages low-level GPU details. The release adds compiler autotuning and Python updates, with Tile support now available on Compute Capability 9.0 and later.

#CUDA #GPU #tile programming #C++

Technical deep dive: AgentCore payments and innovation in agentic commerce AI 6.0
AWS ML Blog

Technical deep dive: AgentCore payments and innovation in agentic commerce

Amazon Bedrock AgentCore provides managed infrastructure for deploying autonomous AI agents at scale, abstracting server management and security. The post discusses how agentic AI is reshaping business models, with APIs shifting to pay-per-use pricing for agent traffic and content providers monetizing agent access. AgentCore addresses the challenge of agents accessing paid services and transacting in real time.

#agents #LLM #infrastructure #payments

Build highly scalable serverless LangGraph multi-agent systems in AWS with Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

Build highly scalable serverless LangGraph multi-agent systems in AWS with Amazon Bedrock AgentCore

This post demonstrates building serverless multi-agent systems using LangGraph orchestrators integrated with Amazon Bedrock AgentCore Memory and Observability. The architecture combines AWS Lambda and Step Functions for automatic scaling, durable state management, and deterministic agent coordination. LangGraph's graph-based execution model enables complex multi-tool workflows with fine-grained cost control.

#agents #LangGraph #serverless #orchestration

Build high-performance generative AI systems with Strands Agents, NVIDIA NIM, and Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

Build high-performance generative AI systems with Strands Agents, NVIDIA NIM, and Amazon Bedrock AgentCore

This post covers building high-performance multi-agent systems combining Strands Agents, NVIDIA NIM GPU-accelerated inference, and Amazon Bedrock AgentCore. The architecture addresses production challenges: inference latency under concurrent load, context loss in stateless environments, and visibility into multi-agent execution. A campaign review system example demonstrates parallel agent coordination with shared memory and observability.

#agents #inference #GPU #NVIDIA NIM

Reconciling the Past: Correcting Records for Unfixed Kubernetes CVEs Security 7.0
Kubernetes Blog

Reconciling the Past: Correcting Records for Unfixed Kubernetes CVEs

The Kubernetes Security Response Committee is correcting CVE records for three unfixed vulnerabilities (CVE-2020-8561, CVE-2020-8562, CVE-2021-25740) that were incorrectly marked as fixed. These issues represent architectural design trade-offs that cannot be remediated without breaking core Kubernetes functionality. The corrections, effective June 1, 2026, will improve accuracy in vulnerability scanners and OSV feeds.

#CVE #Kubernetes #security #vulnerability-scanning

AgentWatch: Proactive AWS monitoring with ambient agents AI 6.0
AWS ML Blog

AgentWatch: Proactive AWS monitoring with ambient agents

AgentWatch uses ambient AI agents to provide proactive monitoring of AWS resources across multiple accounts, moving beyond reactive CloudWatch alarms. The system addresses alert fatigue and delayed incident detection by correlating metrics, logs, and alarms from CloudWatch, Lambda, and EC2 to surface actionable insights before customer impact. Agents reduce context-switching and manual dashboard triage.

#agents #observability #monitoring #AWS

From idea to AI app: Creating intelligent research assistants with Strands AI 5.0
AWS ML Blog

From idea to AI app: Creating intelligent research assistants with Strands

This post demonstrates building a functional AI research assistant in 30 lines of code using Strands Agents and AWS services. The example integrates Amazon Bedrock foundation models with Kiro, an AI-powered IDE that scaffolds agent code. Strands Powers package MCP servers and API patterns to enable rapid agent development without deep ML expertise.

#agents #Strands #rapid-development #IDE

Build an enterprise observability solution for Amazon Quick Cloud 5.0
AWS ML Blog

Build an enterprise observability solution for Amazon Quick

This post describes consolidating Amazon Quick operational data into a centralized observability solution using CloudWatch vended logs, CloudTrail events, and Amazon S3 data lakes. The solution enables tracking adoption, measuring user satisfaction, monitoring costs, and auditing governance across hundreds to thousands of users. QuickSight dashboards and Quick custom chat agents provide querying and analysis via Amazon Athena.

#observability #data-lake #Amazon Quick #governance

SilverTorch: Index as Model — A New Retrieval Paradigm for Recommendation Systems AI 8.0
Meta Engineering

SilverTorch: Index as Model — A New Retrieval Paradigm for Recommendation Systems

Meta introduces SilverTorch, a unified neural-network-based retrieval system that replaces microservice-based recommendation pipelines, achieving 23.7x higher throughput and 20.9x better compute efficiency on GPUs. The system narrows millions of content items to thousands in under 100ms using a single model instead of stitched microservices.

#recommendation systems #retrieval #GPU #neural networks

How we evolved Google's global and data center networks for the AI era AI 7.0
Google Cloud Blog

How we evolved Google's global and data center networks for the AI era

Google describes architectural changes to its global network and data centers to support AI workloads, including strategic placement near renewable energy sources, cross-campus workload distribution, and a vertically integrated stack from chips to Gemini Enterprise Agent Platform.

#AI infrastructure #network architecture #data center design #agents

Transforming professional work: How Amazon Quick turns document creation from hours into minutes Cloud 5.0
AWS ML Blog

Transforming professional work: How Amazon Quick turns document creation from hours into minutes

Amazon Quick automates document and visualization creation by pulling live data from QuickSight dashboards, S3 data lakes, Redshift, and RDS, then assembling formatted professional documents. The system integrates organizational knowledge bases (Spaces) to inject company-specific context and terminology. Quick supports five output types including Word, PowerPoint, and Excel with full editability and brand consistency.

#Amazon Quick #document-generation #data-integration

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries Security 5.0
The Hacker News

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

Iranian hacking group MuddyWater conducted a campaign affecting at least nine organizations across nine countries in Q1 2026 using DLL side-loading techniques. Targets included industrial and electronics manufacturing, education, public sector, financial services, and professional services, per Symantec and Carbon Black threat research.

#DLL side-loading #espionage #threat intelligence #supply-chain

The reason enterprise outages almost never start where ops teams think AI 6.0
The New Stack

The reason enterprise outages almost never start where ops teams think

HPE argues that hybrid cloud complexity and siloed systems make outage root causes invisible to traditional dashboards. The solution is moving from reactive monitoring to closed-loop operations using AI agents that treat orchestration, observability, and remediation as a continuous feedback cycle, requiring platform engineering strategy and predictive capabilities.

#agents #observability #platform engineering #remediation

The Untrusted Autonomous Workload: How AI Coding Agents Reshape What Isolation Has to Do AI 7.0
Docker Blog

The Untrusted Autonomous Workload: How AI Coding Agents Reshape What Isolation Has to Do

A developer describes using Claude Code to migrate 146 blog posts and 6,024 images, achieving high Lighthouse scores but losing understanding of the codebase through iterative agent fixes. The post argues that autonomous agents with real codebase access create a trust problem: code works but developers cannot explain what is underneath, raising isolation and sandboxing concerns for production AI agents.

#agents #code generation #isolation #security

Taming the agentic influx: a blueprint for AI business observability AI 6.0
The New Stack

Taming the agentic influx: a blueprint for AI business observability

Analyst Kin Lane draws parallels between the current AI spending crisis and early cloud migration, arguing that organizations without strong engineering foundations and clear domain-driven design will struggle. The core problem: API sprawl and application proliferation have outpaced visibility, and AI agents amplify this hidden-liability problem at scale.

#agents #observability #API governance #cost visibility

How Jaeger is evolving to trace AI agents with OpenTelemetry AI 8.0
CNCF Blog

How Jaeger is evolving to trace AI agents with OpenTelemetry

Jaeger is evolving to trace AI agent workloads by rebuilding its core in v2 with native OpenTelemetry integration and adopting Model Context Protocol (MCP), Agent Client Protocol (ACP), and Agent-User Interaction Protocol (AG-UI). This addresses the complexity of tracing prompt assembly, vector database retrievals, and external tool calls that traditional distributed tracing tools cannot handle.

#observability #agents #OpenTelemetry #tracing

How the AC/DC framework helps teams govern AI coding agents AI 7.0
The New Stack

How the AC/DC framework helps teams govern AI coding agents

The Agent Centric Development Cycle (AC/DC) framework defines four stages for agentic code generation at scale: Guide, Generate, Verify, Solve. While Generate gets market attention, the framework succeeds or fails on Guide (correct assumptions), Verify (catching errors before compounding), and Solve (handling growing problem queues). Verification has moved to center stage as agents produce thousands of lines per cycle.

#agents #code generation #verification #governance

Presentation: Realtime and Batch Processing of GPU Workloads AI 7.0
InfoQ DevOps

Presentation: Realtime and Batch Processing of GPU Workloads

Joseph Stein covers building an enterprise AI-as-a-Service platform in a private cloud data center, focusing on GPU pool utilization via multi-namespace scheduling, atomic priority queuing with Valkey and Lua, OWASP Top 10 LLM risk mitigation through central proxy gateways, and batch scaling using a custom S3-to-Kafka proxy.

#GPU scheduling #Kubernetes #LLM infrastructure #queue management

AWS Weekly Roundup: AWS Local Zones in Istanbul, open-source ExtendDB, Kiro Web, and more (May 25, 2026) Cloud 6.0
AWS News

AWS Weekly Roundup: AWS Local Zones in Istanbul, open-source ExtendDB, Kiro Web, and more (May 25, 2026)

AWS opened a new Local Zone in Istanbul, Türkiye, bringing compute, storage, and networking services with single-digit millisecond latency to support data residency compliance in financial services, government, telecoms, and healthcare. The Local Zone requires the same operational excellence as a full Region and enables organizations to process data within specific jurisdictions.

#AWS #infrastructure #latency #compliance

GitLab 19.0 trades its string section for a full DevSecOps orchestra DevOps 7.0
The New Stack

GitLab 19.0 trades its string section for a full DevSecOps orchestra

GitLab 19.0 introduces expanded secrets management with fine-grained credential scoping, agentic merge request workflows, CI pipeline visibility, and supply chain visibility to address the AI paradox where increased AI-generated code multiplies security and compliance overhead. Secrets Manager flips the default from project-wide to job-specific credential access.

#secrets-management #DevSecOps #CI/CD #supply-chain

Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos Security 5.0
The Hacker News

Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Weekly security roundup covering multiple vulnerability classes: Linux kernel flaws, Windows Defender zero-days, router botnet campaigns, and supply-chain compromises. Organizations discovered unpatched legacy systems and forgotten servers requiring immediate remediation. Phishing tactics are shifting toward more targeted, sophisticated social engineering.

#CVE #supply-chain #phishing #Linux

Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability Security 9.0
Google Cloud Blog

Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability

CVE-2026-5426 is a critical RCE vulnerability in KnowledgeDeliver LMS caused by hardcoded, identical ASP.NET machineKey values across all customer deployments. Attackers who obtained the key from one instance could compromise any internet-facing KnowledgeDeliver installation. Mandiant responded to active exploitation in late 2025 where threat actors injected malicious code into the LMS to infect users.

#CVE #RCE #ASP.NET #ViewState

2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services Security 8.0
Google Cloud Blog

2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services

Google Threat Intelligence Group analyzed a dozen mature Phishing-as-a-Service (PhaaS) offerings in the Chinese underground, revealing a shift from static password harvesting to real-time OTP interception and MFA bypass. Attackers now use live admin panels to capture one-time passcodes in real-time and tokenize stolen payment data. Encrypted delivery channels like RCS and iMessage bypass SMS security filters.

#phishing #MFA bypass #PhaaS #credential theft

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks Security 6.0
Krebs on Security

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Dutch authorities arrested two co-owners of hosting companies for operating infrastructure used by Russia to conduct cyberattacks, influence operations, and disinformation campaigns in the EU. The investigation focused on Stark Industries Solutions, a sanctioned ISP that became a major source of DDoS attacks and proxy services linked to Russian-backed hacking groups.

#threat-intelligence #DDoS #sanctions #infrastructure

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks Security 8.0
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are actively exploiting CVE-2026-26980 (CVSS 9.4), an SQL injection flaw in Ghost CMS Content API, to inject malicious JavaScript on 700+ compromised sites. The unauthenticated vulnerability allows arbitrary data exfiltration and code injection, enabling ClickFix scam campaigns. Exploitation began immediately after public disclosure.

#CVE #SQL injection #RCE #Ghost CMS

Presentation: From Legacy to Sovereignty: Driving the Future of Insurance through Platform Engineering DevOps 6.0
InfoQ DevOps

Presentation: From Legacy to Sovereignty: Driving the Future of Insurance through Platform Engineering

Sergiu Petean discusses evolving DevOps into platform engineering within regulated enterprises, using dynamic reference architectures, aligning platform KPIs to board-level goals, reducing cognitive load through custom team topologies, and maintaining innovation sovereignty via open-source technology.

#platform engineering #DevOps #team topology #architecture

The Alert Firehose Finally Meets Its Match AI 7.0
The Hacker News

The Alert Firehose Finally Meets Its Match

Network Detection and Response (NDR) platforms equipped with agentic AI capabilities are reducing false positives and enabling faster threat triage compared to traditional NDR. AI agents autonomously correlate alerts, prioritize high-confidence signals, and accelerate incident response workflows. The shift addresses the long-standing NDR complaint of alert fatigue.

#AI agents #NDR #threat detection #false positives

Zero-Downtime migration from ingress NGINX to Envoy Gateway DevOps 8.0
CNCF Blog

Zero-Downtime migration from ingress NGINX to Envoy Gateway

CNCF case study of migrating from Ingress NGINX to Envoy Gateway on AWS with zero downtime, using a weighted DNS cutover strategy. Covers evaluation, testing, and operational risk mitigation for teams moving to Gateway API as Ingress NGINX reaches end-of-life with no security patches or new features.

#Kubernetes #Envoy #Gateway API #Ingress

Why Kubernetes policy enforcement happens too late—and what to do about it DevOps 7.0
CNCF Blog

Why Kubernetes policy enforcement happens too late—and what to do about it

CNCF analysis of Kubernetes policy-as-code timing: tools like OPA, Kyverno, and Conftest catch violations at CI/CD or admission control stages, but by then developers have already written code and context is lost. The article explores shifting policy enforcement earlier in the development workflow to catch misconfigurations before code review.

#Kubernetes #policy-as-code #OPA #Kyverno

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms Security 8.0
The Hacker News

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

Lazarus Group is deploying RemotePE, a cross-platform memory-only remote access trojan, in multi-stage attacks targeting financial and cryptocurrency organizations. The attack chain uses DPAPILoader and RemotePELoader to decrypt and execute payloads without touching disk. NCC Group's Fox-IT identified the campaign and attributed it to North Korea-linked threat actors.

#Lazarus #RAT #malware #financial

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO Security 9.0
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor campaign distributes credential-stealing malware across npm, PyPI, and Crates.io with 34+ malicious packages spanning 384+ versions. Attack began May 22, 2026, with coordinated package publication waves across all three ecosystems. Malware targets developer credentials and secrets stored in environment variables and configuration files.

#supply-chain #npm #PyPI #Crates.io

How we contain Claude across products AI 8.0
Anthropic Engineering

How we contain Claude across products

Anthropic details containment strategies for increasingly capable agents across claude.ai, Claude Code, and Cowork, addressing how to limit blast radius as agent capabilities grow. The post covers engineering approaches to sandboxing and resource isolation.

#agents #safety #containment #sandboxing

Who's monitoring the agents? AI 8.0
The New Stack

Who's monitoring the agents?

Production multi-agent systems built with CrewAI, AutoGen, and LangGraph lack operational visibility comparable to mature microservices monitoring. Teams are deploying agents with minimal observability into execution paths, leading to inefficient loops, cascading retries, and latency issues that go undetected until they impact real data and users.

#agents #observability #production #LangGraph

How Jaeger hit 8.6× compression on 10 million spans with ClickHouse DevOps 8.0
The New Stack

How Jaeger hit 8.6× compression on 10 million spans with ClickHouse

Jaeger v2.18.0 adds native ClickHouse storage backend, achieving 8.6x compression on massive span volumes through columnar storage. The integration enables millisecond-scale analytical queries across billions of traces while maintaining append-only write efficiency, addressing long-standing user requests for a production-grade alternative to Cassandra and Elasticsearch.

#observability #tracing #ClickHouse #Jaeger

What ClickHouse learned from a year of coding with AI agents AI 7.0
The New Stack

What ClickHouse learned from a year of coding with AI agents

ClickHouse shares a year of production experience with AI coding agents, categorizing use cases into three levels: chat copy-paste (exploration), CLI/IDE agents (routine tasks with hand-holding), and autonomous multi-agent loops (spec-driven, still maturing). The team found agents effective for specific workflows but not universally applicable, with tooling and reliability improving significantly through 2025.

#agents #coding #tool-use #LLM

Laravel Lang Supply Chain Advisory Security 8.0
Snyk Blog

Laravel Lang Supply Chain Advisory

Hundreds of historical Laravel Lang Packagist releases were republished with malicious code, exposing Composer installs to credential theft and secret exfiltration. The attack compromised a widely-used PHP localization package affecting Laravel projects across the ecosystem.

#supply-chain #malware #Composer #PHP

Observability for any agent, anywhere: Production-ready tracing with OpenTelemetry & Unity Catalog on Databricks AI 8.0
Databricks Blog

Observability for any agent, anywhere: Production-ready tracing with OpenTelemetry & Unity Catalog on Databricks

Databricks ships production-ready tracing for AI agents using OpenTelemetry and Unity Catalog, enabling observability across any agent framework or deployment environment. The integration standardizes agent telemetry collection, making it easier to debug, monitor, and audit agent behavior in production.

#agents #observability #OpenTelemetry #tracing

What Anthropic and OpenAI launched in 72 hours has Wall Street paying attention AI 8.0
The New Stack

What Anthropic and OpenAI launched in 72 hours has Wall Street paying attention

Anthropic and OpenAI each launched enterprise deployment arms within 72 hours: Anthropic's services firm (backed by Blackstone, Goldman Sachs) targets mid-market enterprises with embedded applied AI engineers, while OpenAI's DeployCo (backed by $4B+ and 150 FDEs from Tomoro acquisition) targets large enterprises. Both bet that deployment, not model quality, is the next frontier.

#agents #enterprise deployment #financial services #applied AI

Lawmakers Demand Answers as CISA Tries to Contain Data Leak Security 8.0
Krebs on Security

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

A CISA contractor intentionally published AWS GovCloud keys and plaintext credentials for dozens of internal CISA systems to a public GitHub account called 'Private-CISA', with commit logs showing the contractor disabled GitHub's secret-scanning protections. The repository was created in November 2025 and used as a working scratchpad, leaving the credentials exposed for months.

#credential-exposure #GitHub #AWS #breach

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware Security 5.0
The Hacker News

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Belarus-aligned threat actor Ghostwriter (UAC-0057, UNC1151) is targeting Ukrainian government organizations with phishing emails using lures related to Prometheus, a Ukrainian online learning platform. The campaign is tracked by Ukraine's CERT-UA and represents ongoing state-sponsored targeting of government infrastructure.

#phishing #malware #threat-actor #government

GitHub recognized as a Leader in the Gartner Magic Quadrant for Enterprise AI Coding Agents for the third year in a row AI 7.0
GitHub Blog

GitHub recognized as a Leader in the Gartner Magic Quadrant for Enterprise AI Coding Agents for the third year in a row

GitHub Copilot now serves 140,000 organizations (triple year-over-year) with agentic workflows spanning code generation, review, security, and deployment. The platform shifts developer focus from writing code to orchestrating agent outcomes across the full SDLC, with Copilot CLI adoption nearly doubling month-over-month.

#agents #code generation #SDLC #tool use

Synthesize Realistic 3D Medical Images at Scale to Ship Pre-Trained Models AI 7.0
NVIDIA Developer Blog

Synthesize Realistic 3D Medical Images at Scale to Ship Pre-Trained Models

NVIDIA addresses data scarcity in medical imaging by synthesizing realistic 3D training data to overcome privacy and annotation bottlenecks. The approach enables teams to train robust radiology AI models without relying on limited real datasets, with pre-trained models ready for deployment.

#synthetic data #medical imaging #training data #generative models

What's new with Google Cloud AI 7.0
Google Cloud Blog

What's new with Google Cloud

Google Cloud announced new LLM benchmarking and optimization tools for on-device deployment via Google AI Edge Portal, supporting testing across 120+ Android devices. The portal enables developers to benchmark and debug fine-tuned LLM performance on diverse hardware tiers, plus new AI governance features for enterprise MCP (Model Context Protocol) endpoints and audit logging.

#LLM #edge deployment #benchmarking #on-device inference

The Blueprint: How Movix fills a gap in dental skills with specialized agentic AI AI 6.0
Google Cloud Blog

The Blueprint: How Movix fills a gap in dental skills with specialized agentic AI

Movix built an agentic AI solution for dental appliance manufacturers to automate quality control and reduce rework costs in aligner production. The system addresses a shortage of skilled dental technicians by automating technical workflows, reducing per-unit rework costs from $300 (25% of retail price) to near zero through AI-driven inspection and process optimization.

#agents #agentic workflows #domain-specific AI #manufacturing

JetBrains is selling independence as the rest of AI coding picks sides AI 6.0
The New Stack

JetBrains is selling independence as the rest of AI coding picks sides

JetBrains positions itself as the only independent AI coding tool vendor, with its agent Junie defaulting to Gemini Flash but supporting Claude and OpenAI models interchangeably. Competitors have consolidated: Cursor ties to xAI, Windsurf split between Google and Cognition, Copilot to Microsoft-OpenAI.

#agents #code generation #model agnostic #IDE

Azure NetApp Files for EDA workloads: From revolution to breakthrough at scale Cloud 6.0
Azure Blog

Azure NetApp Files for EDA workloads: From revolution to breakthrough at scale

Azure NetApp Files now supports high-concurrency EDA workloads at cloud scale with predictable low-latency shared storage, addressing the historical constraint of thousands of concurrent simulation, synthesis, and verification jobs accessing shared datasets. The update includes new independent benchmarks and adoption by leading semiconductor companies, positioning Azure as a viable alternative to on-premises EDA infrastructure.

#Azure NetApp Files #EDA #storage #high-concurrency

Three ways operational debt will break your AI strategy, and how to recover AI 7.0
The New Stack

Three ways operational debt will break your AI strategy, and how to recover

84% of companies have experienced AI-related outages, yet most use incident processes built for slower, human-first systems. PagerDuty research shows 68% lose over $300k/hour during downtime; AI failures are harder to detect than traditional incidents because models drift and agents misinterpret context, requiring new observability and resilience patterns.

#AI operations #incident management #observability #resilience

I buried 20 problems in a fake P&L to see if Claude for Small Business could find them AI 5.0
The New Stack

I buried 20 problems in a fake P&L to see if Claude for Small Business could find them

Anthropic's Claude for Small Business adds native connectors to QuickBooks, HubSpot, Canva, Google Workspace, and other SaaS tools. The author tested Claude's ability to read a 9-tab P&L with 20 deliberately planted financial anomalies, ranging from obvious red flags to subtle nuances requiring expert judgment.

#LLM #tool use #business automation #financial analysis

Why enterprise AI keeps stalling — and how data streaming could unlock it AI 7.0
The New Stack

Why enterprise AI keeps stalling — and how data streaming could unlock it

McKinsey data shows 8 in 10 companies cite data limitations as a blocker to scaling agentic AI. Confluent argues the bottleneck is fragmented data across databases, SaaS, warehouses, and security silos, not model quality. Confluent Intelligence and Cloud capabilities aim to provide real-time data streaming as a secure foundation for AI agents to reason across live business data.

#agents #data infrastructure #streaming #enterprise AI

JFrog report recaps a tumultuous year in supply chain security Security 7.0
The New Stack

JFrog report recaps a tumultuous year in supply chain security

JFrog's 2026 supply chain security report warns that AI models and agentic development tools have become primary attack vectors, with bad actors weaponizing IDE extensions, MCP servers, and developer tools for first-contact exploitation. The report argues existing security controls cannot keep pace with the expanded threat surface now spanning dependencies, binaries, and AI artifacts.

#supply-chain #AI #security #threat-landscape

Discord Rebuilds Database Operations Around Automation to Manage ScyllaDB at Massive Scale DevOps 7.0
InfoQ DevOps

Discord Rebuilds Database Operations Around Automation to Manage ScyllaDB at Massive Scale

Discord built an internal orchestration framework called Scylla Control Plane (SCP) to automate large-scale ScyllaDB cluster management, reducing tasks that previously took days of manual work to automated operations. The system enables a small infrastructure team to manage massive ScyllaDB deployments through automation.

#ScyllaDB #orchestration #database automation #infrastructure

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective Security 6.0
The Hacker News

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective

Technical analysis of how Windows kernel-mode drivers can be exploited from user mode without the hardware they were designed for, addressing the challenge of evaluating driver vulnerability exploitability when reachability is hardware-gated. This work applies BYOVD (Bring Your Own Vulnerable Driver) techniques to driver-oriented vulnerability research.

#Windows #kernel #driver-vulnerability #BYOVD

Designing end-to-end ingress request tracing for multi-tenant SaaS platforms DevOps 7.0
CNCF Blog

Designing end-to-end ingress request tracing for multi-tenant SaaS platforms

CNCF article presents a framework for end-to-end request tracing in multi-tenant Kubernetes-based SaaS platforms using OpenTelemetry and W3C Trace Context standards. The framework addresses the challenge of correlating logs and metrics across dozens of microservices to diagnose failures and latency regressions without shared request context.

#observability #tracing #Kubernetes #OpenTelemetry

Using observability data to prevent incidents DevOps 6.0
Databricks Blog

Using observability data to prevent incidents

Databricks demonstrates how to ingest observability signals (metrics, logs, traces) into a lakehouse and apply ML models to detect anomalies and predict failures before they cascade. The approach treats observability data as a queryable asset rather than siloed telemetry.

#observability #anomaly detection #incident prevention #ML

How Databricks Genie democratizes data access in financial services AI 5.0
Databricks Blog

How Databricks Genie democratizes data access in financial services

Databricks Genie enables financial services teams to query data via natural language without SQL expertise, reducing time-to-insight for business intelligence and compliance workflows. The platform integrates with Databricks' unified data lakehouse to surface insights across fragmented data sources.

#LLM #RAG #data access #business intelligence

Cloudflare Completes Its Agent Infrastructure Stack with Browser Run Rebuild and Six-Layer Platform AI 8.0
InfoQ DevOps

Cloudflare Completes Its Agent Infrastructure Stack with Browser Run Rebuild and Six-Layer Platform

Cloudflare rebuilt Browser Run on its Containers platform, achieving 4x higher concurrency and 50% faster response times. The completion of a six-layer agent infrastructure stack includes compute (Dynamic Workers + Sandboxes), orchestration (Dynamic Workflows), memory (Agent Memory), browsing (Browser Run), and commerce (Stripe Projects).

#agents #infrastructure #Workers #containers

How Virgin Atlantic ships faster with Codex AI 6.0
OpenAI Blog

How Virgin Atlantic ships faster with Codex

Virgin Atlantic deployed Codex to accelerate mobile app development on a fixed holiday deadline, achieving near-total unit test coverage and zero P1 defects. The case study demonstrates Codex's practical impact on shipping velocity and code quality in time-constrained production environments.

#agents #code generation #Codex #testing

OpenAI named a Leader in enterprise coding agents by Gartner AI 5.0
OpenAI Blog

OpenAI named a Leader in enterprise coding agents by Gartner

OpenAI received a Leader designation in Gartner's 2026 Magic Quadrant for Enterprise AI Coding Agents, with Codex highlighted for innovation and enterprise-scale deployment capabilities. The recognition reflects Codex's ability to handle production coding workflows at organizational scale.

#agents #code generation #Codex #enterprise AI

Project Glasswing: An initial update AI 5.0
Anthropic Research

Project Glasswing: An initial update

Anthropic provides an update on Project Glasswing, an initiative focused on AI safety and alignment research. Details on specific technical contributions are limited in this initial announcement.

#safety #alignment #research #Claude

Amazon Nova Act is now HIPAA eligible AI 7.0
AWS ML Blog

Amazon Nova Act is now HIPAA eligible

Amazon Nova Act, a service for building browser-based AI agents, now qualifies as HIPAA-eligible, enabling healthcare organizations to automate workflows involving ePHI like claims processing and referral coordination. The service handles repetitive UI tasks, integrates with external APIs and MCP servers, and escalates to humans when needed.

#agents #agentic AI #browser automation #healthcare

Alleged Kimwolf Botmaster 'Dort' Arrested, Charged in U.S. and Canada Security 6.0
Krebs on Security

Alleged Kimwolf Botmaster 'Dort' Arrested, Charged in U.S. and Canada

Jacob Butler, 23, of Ottawa was arrested for operating Kimwolf, an IoT botnet that infected millions of devices (digital photo frames, web cameras) and rented them for DDoS attacks, including strikes on DoD address ranges. Butler faces criminal hacking charges in both Canada and the US following a six-month campaign of DDoS, doxing, and swatting.

#botnet #DDoS #IoT #cybercrime

Intelligent radiology workflow optimization with AI agents AI 7.0
AWS ML Blog

Intelligent radiology workflow optimization with AI agents

This post demonstrates building a radiology worklist optimization system using AI agents on Amazon Bedrock AgentCore and Strands Agents SDK that routes studies based on radiologist specialization, workload, fatigue, and case complexity instead of rigid rules. Research across 62 hospitals showed inefficient assignment causes 17.7-minute delays and $2.1M-$4.2M in costs.

#agents #healthcare #workflow optimization #context-aware routing

Kore counts down to Artemis, its moonshot for governable AI agents AI 7.0
The New Stack

Kore counts down to Artemis, its moonshot for governable AI agents

Kore released Artemis, a visual and code-based platform for building multi-agent AI systems using a declarative Agent Blueprint Language (ABL), dual-brain runtime, and machine architect that generates agents from plain-language objectives. The platform combines NLP, machine learning, and knowledge graphs for agent governance and optimization.

#agents #multi-agent systems #ABL #governance

Bintrail: MySQL Time-Travel Queries Using Indexed Binlogs Engineering 6.0
InfoQ DevOps

Bintrail: MySQL Time-Travel Queries Using Indexed Binlogs

Bintrail adds point-in-time query and row-history lookup capabilities to MySQL via indexed binlogs behind ProxySQL, without modifying MySQL or application code. The tool enables querying data as of past timestamps and reviewing change history, addressing recovery and audit scenarios for the only major relational database lacking native temporal querying.

#MySQL #temporal queries #binlogs #audit

Announcing Claude Compliance API support with Cloudflare CASB Security 7.0
Cloudflare Blog

Announcing Claude Compliance API support with Cloudflare CASB

Cloudflare extends its cloud access security broker (CASB) to support Claude Compliance API, giving security teams dashboard visibility into Claude usage without endpoint agents. The integration addresses the gap in AI governance where organizations can block unauthorized tools but lack visibility into how employees interact with sanctioned AI applications.

#CASB #Claude #AI governance #security visibility

Integrating AWS API MCP Server with Amazon Quick using Amazon Bedrock AgentCore Runtime AI 7.0
AWS ML Blog

Integrating AWS API MCP Server with Amazon Quick using Amazon Bedrock AgentCore Runtime

This post shows how to use Amazon Bedrock AgentCore Runtime with MCP support to connect Amazon Quick with AWS services via the AWS API MCP Server, letting SREs and DevOps engineers query infrastructure in natural language without context-switching between console, CLI, and dashboards. Agents translate queries like 'Show running EC2 instances in us-east-1' directly to API calls.

#agents #MCP #AWS API #DevOps automation

Building multi-tenant agents with Amazon Bedrock AgentCore AI 8.0
AWS ML Blog

Building multi-tenant agents with Amazon Bedrock AgentCore

This post explores architectural patterns for multi-tenant agentic SaaS applications using Amazon Bedrock AgentCore, addressing tenant isolation, identity, observability, data isolation, cost attribution, and noisy neighbor mitigation. Bedrock AgentCore provides managed constructs for agents, MCP hosting, identity management, memory, and evaluations.

#agents #multi-tenant #SaaS architecture #isolation patterns

Break the context window barrier with Amazon Bedrock AgentCore AI 8.0
AWS ML Blog

Break the context window barrier with Amazon Bedrock AgentCore

This post demonstrates implementing Recursive Language Models (RLM) using Amazon Bedrock AgentCore Code Interpreter and Strands Agents SDK to process documents with no upper bound on context size. Agents orchestrate sub-LLM calls from a sandboxed Python environment to analyze specific document sections, solving the lost-in-the-middle problem for million-character documents.

#agents #context window #RLM #document analysis

Build AI agents for business intelligence with Amazon Bedrock AgentCore AI 8.0
AWS ML Blog

Build AI agents for business intelligence with Amazon Bedrock AgentCore

OPLOG, a fulfillment company, built a production BI system using three AI agents on Amazon Bedrock AgentCore with Strands Agents SDK, integrating Claude Sonnet and Bedrock Knowledge Bases for RAG. The system autonomously processes transactions and delivers real-time intelligence, achieving 35% reduction in sales cycles, 91% improvement in CRM data completeness, and 98% reduction in manual research time.

#agents #business intelligence #RAG #multi-agent

Build an AI-powered recruitment assistant using Amazon Bedrock AI 6.0
AWS ML Blog

Build an AI-powered recruitment assistant using Amazon Bedrock

This post presents a reference architecture for an AI-powered recruitment assistant using Amazon Bedrock that automates resume parsing, candidate scoring, skill assessment, and interview question generation. Amazon Bedrock Guardrails provide PII anonymization, prompt attack detection, and bias filtering across a serverless architecture.

#agents #recruitment #Guardrails #PII protection

The top announcements for startups from Google I/O '26 AI 6.0
Google Cloud Blog

The top announcements for startups from Google I/O '26

Google Cloud announced a unified Agent Platform for the agentic era, new TPUs optimized for training and inference, an Agentic Data Cloud, and integration of Wiz's cloud security platform with Google Threat Intelligence. Startups like Photoroom, Satisfi Labs, and Notion are building on the stack.

#agents #TPU #BigQuery #Gemini

AI Studio unlocks full-stack vibe coding with Cloud Run, Firebase, and Cloud SQL, no credit card required Cloud 6.0
Google Cloud Blog

AI Studio unlocks full-stack vibe coding with Cloud Run, Firebase, and Cloud SQL, no credit card required

Google AI Studio now integrates with Cloud SQL (PostgreSQL coming next month) alongside Firestore and Firebase Auth for full-stack deployments. New users can deploy two applications to Cloud Run on the Starter Tier without a billing account. The AI agent infers the appropriate database (relational or non-relational) for each app.

#AI Studio #Cloud Run #Cloud SQL #Firestore

Shipping features to production just got easier with new feature flags in AppLifecycle Manager Cloud 6.0
Google Cloud Blog

Shipping features to production just got easier with new feature flags in AppLifecycle Manager

Google Cloud announces AppLifecycle Manager Feature Flags (ALM FF) in public preview, a rule-based service that decouples feature releases from code deployments. Teams can now ship code to production with features disabled by default, enabling continuous deployment while controlling the exact moment features go live via toggles, reducing deployment risk.

#feature flags #deployment #release management #continuous deployment

Building GitHub's next chapter in accessibility Other 5.0
GitHub Blog

Building GitHub's next chapter in accessibility

GitHub outlines its five-year accessibility program evolution and announces a new strategy shifting from internal focus to community engagement. The company commits to three goals: empower people with disabilities in open-source contribution, increase assistive technology availability, and improve accessibility of mainstream projects.

#accessibility #open-source #inclusive design

Build AI-powered dashboard automation agents with NLP on Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

Build AI-powered dashboard automation agents with NLP on Amazon Bedrock AgentCore

This post demonstrates a multi-agent architecture using Amazon Bedrock AgentCore and Strands Agents that automates dashboard modifications in response to natural language requests, eliminating multi-day IT turnaround times. The solution integrates Amazon Quick for BI capabilities and uses agents to interpret requirements, navigate APIs, and deploy changes.

#agents #dashboard automation #NLP #multi-agent

Building Token-Metered AI Services on Telco AI Factories AI 6.0
NVIDIA Developer Blog

Building Token-Metered AI Services on Telco AI Factories

NVIDIA describes token-metered AI service architecture for sovereign AI factories built on the NVIDIA Cloud Partner reference architecture. The post addresses billing, resource isolation, and production-ready enterprise AI service delivery on telco infrastructure.

#LLM #inference #metering #billing

How to build your first end-to-end AI workflow in n8n AI 7.0
The New Stack

How to build your first end-to-end AI workflow in n8n

The New Stack publishes a hands-on tutorial for building an AI-integrated workflow in n8n, using a content publishing pipeline as the example. The guide covers triggers, AI agent integration, conditional routing, human approvals, API calls, and testing patterns applicable to any n8n automation.

#workflow automation #n8n #AI integration #tutorial

CI wasn't built for coding agents. Here's what comes next. AI 8.0
The New Stack

CI wasn't built for coding agents. Here's what comes next.

Traditional CI pipelines with 10-30 minute feedback loops are too slow for coding agents that iterate in seconds. The article proposes 'plans': small, agent-pickable end-to-end checks running inside the agent's session against real integration environments, collapsing the inner-loop validation gap that currently forces agents to ship partially validated code.

#agents #CI/CD #testing #LLM

Cloud Native Computing Foundation Announces OpenTelemetry's Graduation, Solidifying Status as the De Facto Observability Standard DevOps 7.0
CNCF Blog

Cloud Native Computing Foundation Announces OpenTelemetry's Graduation, Solidifying Status as the De Facto Observability Standard

OpenTelemetry graduated from CNCF incubation to stable status, marking production readiness as a vendor-neutral observability standard. The project now has 12,000+ contributors from 2,800+ companies and solves tool fragmentation by standardizing metrics, logs, and traces collection without vendor lock-in.

#observability #OpenTelemetry #metrics #traces

"Morally repugnant shortsightedness": Why open source security leaders say companies must stop freeloading on maintainers Security 6.0
The New Stack

"Morally repugnant shortsightedness": Why open source security leaders say companies must stop freeloading on maintainers

OpenSSF announced five new members (ActiveState, Aikido, Minimus, TuxCare, FreeBSD Foundation) joining to address supply-chain security pressures and mandatory compliance standards like the EU Cyber Resilience Act. The foundation emphasizes that industry must fund open source security infrastructure rather than relying on volunteer maintainers.

#security #open-source #supply-chain #compliance

Building the agentic agreement enterprise: How developers are unlocking agentic experiences with Docusign's MCP server and platform AI 7.0
The New Stack

Building the agentic agreement enterprise: How developers are unlocking agentic experiences with Docusign's MCP server and platform

Docusign released an MCP server that makes its Intelligent Agreement Management platform agent-ready, allowing Claude, Gemini, Copilot, and ChatGPT to interact with agreement workflows without tab-switching. The server bridges the gap between generalist LLMs and domain-specific business logic, surfacing institutional memory needed for mission-critical agreement automation.

#agents #MCP #LLM #tool-use

Cut your AI search costs without sacrificing quality AI 8.0
The New Stack

Cut your AI search costs without sacrificing quality

Vespa AI and Voyage AI introduced asymmetric retrieval to slash query embedding costs: use a high-quality embedding model once at indexing time, then embed queries with a tiny local model. Voyage's voyage-4 family shares a common vector space across all four models, eliminating reindexing and reducing query embedding bills from ~$15,500/month to near-zero at 10K QPS.

#RAG #embeddings #cost-optimization #retrieval

Presentation: The Ironies of A^2 I^2 AI 7.0
InfoQ DevOps

Presentation: The Ironies of A^2 I^2

J. Paul Reed discusses how the 40-year-old concept of automation ironies is amplified by AI, showing that advanced systems often make human operators more critical while degrading their intervention skills. Real-world incident stories illustrate how over-reliance on AI can double recovery times and why maintaining resilience requires understanding these paradoxes.

#automation #AI incidents #resilience #incident response

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories Security 5.0
The Hacker News

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

Weekly threat roundup covering Linux rootkits, router 0-days, AI-driven intrusions, and scam kits. The bulletin highlights a shift in attacker tactics: exploiting trusted infrastructure (updates, apps, cloud services, support channels) rather than forcing new breaches, making detection harder.

#rootkits #0-day #supply-chain #threat-intelligence

How NetEase Games achieved 30-second LLM cold starts on Kubernetes AI 9.0
CNCF Blog

How NetEase Games achieved 30-second LLM cold starts on Kubernetes

NetEase Games reduced LLM inference cold starts from 42 minutes to 3 minutes on Kubernetes by using Fluid's prefetching workflow to cache model weights locally instead of pulling from remote storage. For 70B-class models, this transformed serverless GPU infrastructure from theoretical to operationally viable for bursty game traffic.

#LLM #inference #Kubernetes #GPU

When Identity is the Attack Path Security 7.0
The Hacker News

When Identity is the Attack Path

Analysis of how cached AWS access keys on a single Windows machine, obtained through normal credential caching, can expose 98% of cloud entities to compromise. The article demonstrates that standard AWS behavior and proper configuration are insufficient to prevent identity-based lateral movement.

#AWS #identity #lateral-movement #cloud-security

Securing Your Gemini and Google API Keys Security 7.0
Google Cloud Blog

Securing Your Gemini and Google API Keys

Google Cloud publishes guidance on securing API keys used for Gemini and Google Cloud APIs, addressing widespread misuse after seeing requests for protection tutorials. The post covers key generation best practices including creating keys in standalone projects, restricting API access, and limiting client applications to reduce hijacking risk.

#API keys #security #Gemini #credential management

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension Security 8.0
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub confirmed that its internal repository breach resulted from a compromised employee device running a poisoned version of the Nx Console VS Code extension (nrwl.angular-console). The extension was breached after one of the Nx developers' systems was hacked, enabling supply-chain compromise of GitHub's own infrastructure.

#supply-chain #VS Code extension #GitHub #malware

NanoCo bets the future of enterprise AI is one sandboxed agent per employee AI 8.0
The New Stack

NanoCo bets the future of enterprise AI is one sandboxed agent per employee

NanoCo launched a managed enterprise service deploying one Docker-sandboxed AI agent per employee, each isolated and personalized to individual roles and tools. The company raised $12M seed funding led by Valley Capital Partners with Docker and Vercel as participants. NanoClaw, the open-source agent framework, has accumulated 29k GitHub stars since its February launch.

#agents #sandboxing #Docker #enterprise-AI

Mastering Agentic Techniques: AI Agent Customization AI 6.0
NVIDIA Developer Blog

Mastering Agentic Techniques: AI Agent Customization

NVIDIA blog post outlines nine techniques for customizing autonomous AI agents to excel at specific tasks. Covers methods for equipping agents with the right capabilities for logistics routing, support ticket triage, code generation, and multistep workflow orchestration.

#agents #tool-use #customization #agentic-patterns

Multimodal evaluators: MLLM-as-a-judge for image-to-text tasks in Strands Evals AI 8.0
AWS ML Blog

Multimodal evaluators: MLLM-as-a-judge for image-to-text tasks in Strands Evals

AWS Strands Evals SDK now includes four multimodal LLM-as-a-Judge evaluators (Overall Quality, Correctness, Faithfulness, Instruction Following) that score image-to-text outputs by sending images directly to a judge model alongside queries and responses. These evaluators catch visual hallucinations and factual errors in document understanding, chart analysis, and shopping applications, and integrate into CI pipelines as drop-in replacements for text-only judges.

#evals #multimodal #LLM-as-Judge #vision

Build real-time voice applications with Amazon SageMaker AI and vLLM AI 8.0
AWS ML Blog

Build real-time voice applications with Amazon SageMaker AI and vLLM

AWS SageMaker AI now supports bidirectional streaming for real-time inference, enabling continuous two-way data flow between clients and model containers. Combined with vLLM's Realtime API using WebSockets, this enables deployment of Mistral's Voxtral-Mini-4B-Realtime-2602 speech model for low-latency speech-to-text applications like voice agents and live captioning without waiting for full audio buffers.

#streaming #real-time #speech-to-text #inference

Encrypting large artifacts and streaming workloads with Vault DevOps 6.0
HashiCorp Blog

Encrypting large artifacts and streaming workloads with Vault

HashiCorp Vault introduced an SDK enabling envelope encryption with Vault Transit, allowing applications to encrypt and decrypt large artifacts and streaming data locally while Vault manages cryptographic keys and access policies. This avoids performance bottlenecks from sending large payloads to a centralized encryption service.

#encryption #key management #Vault #envelope encryption

Introducing Agent Executor, Google's distributed Agent Runtime AI 8.0
Google Cloud Blog

Introducing Agent Executor, Google's distributed Agent Runtime

Google released Agent Executor, an open-source runtime for long-running agent workflows that provides durable execution with resumption after outages, secure sandboxing, and session consistency. The runtime addresses operational challenges in production agent deployments that run for hours or days with human-in-the-loop confirmations.

#agents #distributed-systems #durable-execution #sandboxing

Agent Sandbox on GKE is now available for everyone, and a first look at Agent Substrate AI 8.0
Google Cloud Blog

Agent Sandbox on GKE is now available for everyone, and a first look at Agent Substrate

Google Cloud's Agent Sandbox on GKE is now generally available after 16x growth in adoption since preview, providing secure, low-latency execution for AI agents at scale. The announcement also introduces Agent Substrate, an open-source project extending agentic infrastructure density and integration with the broader agent ecosystem.

#agents #Kubernetes #GKE #sandboxing

Benchmark and optimize LLMs on-device with AI Edge Portal AI 7.0
Google Cloud Blog

Benchmark and optimize LLMs on-device with AI Edge Portal

Google AI Edge Portal now supports automated benchmarking and debugging of on-device LLMs across over 120 representative Android device types, testing latency, memory consumption, and initialization time. The new capabilities help developers optimize generative AI performance across diverse CPU, GPU, and NPU backends without manual device testing.

#LLM #edge-inference #mobile #benchmarking

Add a Specialized Deep Research Skill to Agent Harnesses AI 6.0
NVIDIA Developer Blog

Add a Specialized Deep Research Skill to Agent Harnesses

NVIDIA post explains how to extend agent harnesses like Claude Code, Codex, and LangChain Deep Agents with specialized deep research capabilities for multi-document synthesis, decision briefs backed by enterprise data, and long-horizon analysis with source attribution. Addresses the complexity gap when orchestrators need to perform research beyond their native capabilities.

#agents #RAG #tool-use #research

Azure IaaS: Deploy high-performance workloads with a system-level approach Cloud 6.0
Azure Blog

Azure IaaS: Deploy high-performance workloads with a system-level approach

Microsoft Azure publishes guidance on system-level performance optimization for IaaS workloads, covering AI model training, Kubernetes scaling, and business-critical databases. The article argues that performance is not a single resource decision but emerges from coordinated CPU, storage, and networking, with dynamic bottleneck shifting requiring holistic tuning.

#Azure #performance #IaaS #system optimization

Urban Outfitters achieves major cost savings by moving Sterling OMS to AlloyDB for PostgreSQL Cloud 5.0
Google Cloud Blog

Urban Outfitters achieves major cost savings by moving Sterling OMS to AlloyDB for PostgreSQL

Urban Outfitters migrated its 11TB IBM Sterling Order Management System database from Oracle to Google Cloud's AlloyDB for PostgreSQL, reducing licensing costs and operational complexity. The move demonstrates AlloyDB's ability to handle large-scale transactional workloads for retail order management.

#AlloyDB #PostgreSQL #database-migration #cost-optimization

Why six AI labs built the same product for knowledge workers in four months AI 9.0
The New Stack

Why six AI labs built the same product for knowledge workers in four months

Six major AI vendors (Anthropic, Perplexity, Microsoft, OpenAI, Google, Amazon) launched nearly identical agent products for knowledge workers between January and April 2025. Each combines agentic harnesses, frontier models, browser automation, file access, persistent memory, and scheduled automations. Claude Code's success proved the pattern; all six converged on the same architecture within months.

#agents #agentic-harness #knowledge-workers #convergence

Building for accessibility in an AI-first development world AI 7.0
The New Stack

Building for accessibility in an AI-first development world

LLM-based code generation tools produce structurally inaccessible output because models trained on the existing web inherit its accessibility gaps. Problems like conflicting ARIA labels, incorrect semantic heading hierarchy, and broken keyboard focus only surface when tested with screen readers and assistive technology, not in visual review.

#LLM #accessibility #code generation #WCAG

Governing AI agents at scale with Unity Catalog AI 7.0
Databricks Blog

Governing AI agents at scale with Unity Catalog

Databricks addresses governance and control of proliferating AI agents using Unity Catalog for access control, lineage tracking, and audit trails. The post acknowledges the shift from dozens to thousands of agents in enterprises and positions Unity Catalog as a governance layer for agent lifecycle and credential management.

#agents #governance #Unity Catalog #MLOps

OpenAI Outlines WebRTC Architecture for Low-Latency Voice AI at Scale AI 7.0
InfoQ DevOps

OpenAI Outlines WebRTC Architecture for Low-Latency Voice AI at Scale

OpenAI redesigned its WebRTC architecture for low-latency voice AI inference at global scale, replacing traditional media termination with a relay-transceiver model optimized for Kubernetes and cloud load balancers. Session state lives in a dedicated transceiver layer while relays reduce UDP exposure and keep media routing geographically close to users.

#WebRTC #voice AI #Kubernetes #low-latency

Agent AI is Coming. Are You Ready? AI 6.0
The Hacker News

Agent AI is Coming. Are You Ready?

Orchid Security's 2026 Identity Gap report reveals that unmanaged identity elements now exceed visible ones by 57% to 43%, creating a critical security gap as enterprises deploy autonomous agents. The research highlights that identity infrastructure is unprepared for agent-driven workloads and multi-tenant access patterns.

#agents #identity #access-control #security

Introducing Prempti: Policy and visibility for AI coding agents AI 8.0
CNCF Blog

Introducing Prempti: Policy and visibility for AI coding agents

The Falco team introduced Prempti, a Falco ecosystem project extending runtime security policy enforcement to AI coding agents. Prempti provides structured visibility into agent tool-call lifecycles (bash commands, file writes, credential access) and policy-driven controls, addressing the black-box nature of agent execution on developer machines.

#agents #security #runtime security #policy

Cursor bets on cheaper coding with Composer 2.5 and Kimi K2.5 AI 7.0
The New Stack

Cursor bets on cheaper coding with Composer 2.5 and Kimi K2.5

Cursor released Composer 2.5, built on Moonshot Kimi K2.5, showing significant benchmark gains over Composer 2 (69.3% on Terminal-Bench 2.0 vs 61.7%, 63.2% on CursorBench v3.1 vs 52.2%) through scaled training and reinforcement learning improvements. The model remains cheaper than Opus 4.7 and GPT-5.5 while narrowing the performance gap.

#LLM #code generation #benchmarks #model training

At Google I/O 2026, Antigravity gets a new job description AI 8.0
The New Stack

At Google I/O 2026, Antigravity gets a new job description

Google repositioned Antigravity from a coding environment to an agent orchestration platform, launching Antigravity 2.0 as a desktop application alongside CLI, SDK, and enterprise cloud integration for managing teams of autonomous AI agents. The company claims millions of developers already use the platform.

#agents #agent orchestration #platform #multi-agent systems

Announcing etcd 3.7.0-beta.0 DevOps 7.0
Kubernetes Blog

Announcing etcd 3.7.0-beta.0

etcd v3.7.0-beta.0 introduces RangeStream, an RPC feature that streams large result sets in chunks instead of forcing clients to buffer entire responses, reducing latency and making memory use more predictable. The release also includes security improvements and cleanup of legacy components. The project is seeking community testing before general availability.

#etcd #Kubernetes #distributed-systems #streaming

Automate Data & KPI Monitoring with SQL Alerts Cloud 6.0
Databricks Blog

Automate Data & KPI Monitoring with SQL Alerts

Databricks SQL Alerts automate data quality and KPI monitoring by triggering notifications when metrics fall outside defined thresholds, replacing manual dashboard checks. The feature integrates with Databricks SQL and supports alerting to email, Slack, and webhooks for real-time incident response.

#monitoring #SQL #alerting #data-quality

Mastering Agentic Techniques: AI Agent Evaluation AI 7.0
NVIDIA Developer Blog

Mastering Agentic Techniques: AI Agent Evaluation

NVIDIA distinguishes agent evaluation from model benchmarking: while model evals test foundation model capabilities on static tasks, agent evals measure end-to-end system behavior including planning, tool use, and uncertainty handling. The post covers practical frameworks for assessing agent performance across these dimensions.

#agents #evals #tool-use #LLM

Meet Gordon: Docker's AI Agent For Your Entire Container Workflow AI 7.0
Docker Blog

Meet Gordon: Docker's AI Agent For Your Entire Container Workflow

Gordon is Docker's AI agent built into Desktop 4.74+ and the CLI that understands your container environment, proposes fixes, and takes action across build, compose, and deployment workflows. It reads logs, inspects configs, and diagnoses issues like cache invalidation and service connectivity problems without requiring you to paste context into generic coding assistants. All actions require explicit approval, and permissions reset per session.

#agents #Docker #container-debugging #LLM

Azure Files Entra-Only identities: Advancing cloud-native identity and security Cloud 7.0
Azure Blog

Azure Files Entra-Only identities: Advancing cloud-native identity and security

Azure Files now supports Entra-Only identities for SMB authentication, eliminating the need for on-premises Active Directory, hybrid sync, or managed domain controllers. Organizations can authenticate users and devices directly via Microsoft Entra ID with native Kerberos support, simplifying architecture and reducing management overhead. The feature includes built-in B2B support for Azure Virtual Desktop, enabling external partners to use existing identities with FSLogix profiles without duplicate accounts.

#Azure Files #identity #Entra ID #SMB

Google wants to make the web agent-ready AI 8.0
The New Stack

Google wants to make the web agent-ready

Google announced WebMCP, an open standard for exposing JavaScript functions and HTML forms to AI agents, enabling agents to interact with websites as first-class tools. The initiative includes Chrome browser enhancements and developer tooling to bridge agentic workflows with web platform capabilities.

#agents #WebMCP #web standards #tool use

Google's Gemini 3.5 Flash beats the frontier models AI 8.0
The New Stack

Google's Gemini 3.5 Flash beats the frontier models

Google released Gemini 3.5 Flash, which outperforms Gemini 3.1 Pro on multiple benchmarks including TerminalBench 2.1 (76.2% vs 70.3%), GDPval-AA, MCP Atlas, and CharXiv reasoning. The Flash model competes with frontier models like GPT 5.5 and Opus 4.7, particularly on tool-use benchmarks.

#LLM #Gemini #benchmarks #tool use

Google now lets developers use GPT and Claude in Android Studio AI 7.0
The New Stack

Google now lets developers use GPT and Claude in Android Studio

Google announced multi-model support in Android Studio, allowing developers to choose Gemini, GPT, or Claude for code generation, plus local Gemma 4 support in the canary build. Android CLI reached its 1.0 release and integrates with the Google Antigravity app for development workflows.

#code generation #Android #multi-model #LLM

What Google I/O '26 means for developing agents on Google Cloud AI 7.0
Google Cloud Blog

What Google I/O '26 means for developing agents on Google Cloud

Google introduced Antigravity 2.0 and Managed Agents API as a unified toolkit for local agent development and secure cloud deployment. The Gemini Enterprise Agent Platform now includes session memory and centralized governance, with a four-rung ladder model spanning quick-start to full production control.

#agents #Antigravity 2.0 #Managed Agents API #developer tools

The future of agentic development: Redefining the data practitioner lifecycle with Data Agent Kit AI 7.0
Google Cloud Blog

The future of agentic development: Redefining the data practitioner lifecycle with Data Agent Kit

Google released Data Agent Kit, an open-source collection of data engineering skills and Model Context Protocol tools that integrate into VS Code, Claude Code, Gemini CLI, and Antigravity CLI. It provides pre-codified pathways for query optimization, ML best practices, data validation, and secure connections to BigQuery, AlloyDB, and Google Cloud Storage.

#agents #MCP #data engineering #BigQuery

Google now lets you vibe code native Android apps in AI Studio AI 6.0
The New Stack

Google now lets you vibe code native Android apps in AI Studio

Google AI Studio now supports building native Kotlin-based Android apps from prompts, with the ability to test directly on device and export to Android Studio for refinement. The tool removes the installation barrier by running entirely in-browser and supports any popular LLM, not just Gemini.

#code generation #Android #Kotlin #LLM

Google launches $100 AI Ultra plan and cuts top tier to $200 AI 5.0
The New Stack

Google launches $100 AI Ultra plan and cuts top tier to $200

Google introduced a $100/month AI Ultra plan between its existing $20 and $200 tiers, and reduced the top-tier price from $250 to $200. The company switched from prompt-based limits to a compute-used metering model and offers 5x higher usage limits in Antigravity and Gemini apps at the $100 tier.

#pricing #LLM #subscription #Gemini

Azure hub-and-spoke generally available for HCP Vault Dedicated Cloud 6.0
HashiCorp Blog

Azure hub-and-spoke generally available for HCP Vault Dedicated

HCP Vault Dedicated now supports Azure hub-and-spoke networking topology, enabling enterprises to integrate Vault into centralized Azure network architectures without custom routing or peering patterns. HashiCorp Virtual Networks (HVNs) provide secure private connectivity for hybrid and multi-cloud environments.

#Vault #Azure #networking #HCP

Stop rogue AI: How Unity Catalog secures your agent actions AI 8.0
Databricks Blog

Stop rogue AI: How Unity Catalog secures your agent actions

Databricks Unity Catalog now provides access controls for AI agent tool use, preventing agents from executing unauthorized actions on external systems. The feature enables fine-grained permission policies for agent-to-tool connections, addressing supply-chain and privilege-escalation risks.

#agents #security #tool-use #access-control

Why AI Security Infrastructure is Now a CMO Priority Security 5.0
Databricks Blog

Why AI Security Infrastructure is Now a CMO Priority

Databricks argues that AI security infrastructure has become a board-level concern, citing emerging threats to LLM supply chains, model poisoning, and prompt injection attacks. The article positions security governance for AI systems as a CMO responsibility alongside traditional security.

#AI-security #LLM #threat-landscape #governance

Scalable voice agent design with Amazon Nova Sonic: multi-agent, tools, and session segmentation AI 7.0
AWS ML Blog

Scalable voice agent design with Amazon Nova Sonic: multi-agent, tools, and session segmentation

AWS details architectural patterns for building scalable voice agents using Amazon Nova Sonic, Bedrock AgentCore, and Strands BidiAgent. The post covers three design patterns with trade-offs for minimizing latency in real-time speech-to-speech interactions, leveraging microVM-level session isolation and bidirectional WebSocket streaming to prevent noisy-neighbor effects.

#agents #voice #LLM #real-time

Extending conversational memory in Kiro CLI using Amazon Bedrock AgentCore Memory AI 7.0
AWS ML Blog

Extending conversational memory in Kiro CLI using Amazon Bedrock AgentCore Memory

AWS demonstrates how to extend Kiro CLI's conversational memory across sessions using a custom Model Context Protocol server integrated with Bedrock AgentCore Memory. The solution stores and retrieves conversation context with semantic search, allowing agents to maintain context and preferences across multiple terminal sessions without repetitive context-setting.

#agents #memory #MCP #context

Accelerate ML feature pipelines with new capabilities in Amazon SageMaker Feature Store AI 7.0
AWS ML Blog

Accelerate ML feature pipelines with new capabilities in Amazon SageMaker Feature Store

SageMaker Feature Store now supports Apache Iceberg table format, streaming ingestion, scalable batch ingestion, and AWS Lake Formation access control via SageMaker Python SDK v3.8.0. The update addresses metadata bloat (50+ TB in one year) and enables automatic fine-grained access control at feature group creation without manual configuration.

#MLOps #feature-store #Iceberg #access-control

Implementing programmatic tool calling on Amazon Bedrock AI 8.0
AWS ML Blog

Implementing programmatic tool calling on Amazon Bedrock

AWS explains programmatic tool calling (PTC), where models generate Python code to invoke multiple tools in a sandboxed environment rather than orchestrating one tool call per round trip. This reduces latency and token consumption for multi-tool workflows by sampling the model once and returning only the final result, with three implementation patterns shown for Bedrock.

#tool-use #agents #LLM #latency

Valkey 9.1 trims memory 10% and pulls search into the core Engineering 7.0
The New Stack

Valkey 9.1 trims memory 10% and pulls search into the core

Valkey 9.1 reduces per-key memory usage by 10% through reworked internal data layout, requires no tuning or reconfiguration, and integrates full-text search capabilities into the core engine. The release emphasizes compute efficiency and modularity for production workloads, with updates to Valkey Admin, Valkey Search, and the GLIDE client.

#Valkey #memory optimization #search #Redis

Anthropic debuts MCP tunnels and self-hosted sandboxes to lock down AI agent infrastructure AI 8.0
The New Stack

Anthropic debuts MCP tunnels and self-hosted sandboxes to lock down AI agent infrastructure

Anthropic announced self-hosted sandboxes in public beta and MCP tunnels in research preview for Claude Managed Agents, allowing organizations to run agent tool execution on their own infrastructure or via managed providers like Cloudflare, Modal, and Vercel. The agent loop remains on Anthropic's infrastructure while tool execution moves to customer environments, preserving data privacy and security controls.

#agents #sandboxes #MCP #Claude

Introducing AI Spend Controls with Unity AI Gateway AI 7.0
Databricks Blog

Introducing AI Spend Controls with Unity AI Gateway

Databricks Unity AI Gateway now includes AI Spend Controls, allowing teams to set per-user and per-model budget caps for LLM API calls, preventing runaway costs. The feature integrates with Databricks' gateway to enforce quotas across multiple LLM providers.

#cost-control #LLM #API-gateway #budgeting

Why production RAG systems give confident, wrong answers at scale AI 8.0
The New Stack

Why production RAG systems give confident, wrong answers at scale

Production RAG systems fail not because of weak LLMs but because retrieval architectures designed for small datasets collapse under scale with millions of documents, messy metadata, and access controls. As retrieval quality degrades silently, models compensate by hallucinating context, producing fluent but increasingly incorrect answers.

#RAG #retrieval #vector databases #LLM

How to safeguard AI workloads with Unity AI Gateway Guardrails AI 6.0
Databricks Blog

How to safeguard AI workloads with Unity AI Gateway Guardrails

Databricks details guardrail capabilities in Unity AI Gateway for securing AI workloads against injection attacks, data leakage, and policy violations. The post covers practical implementation of content filtering, input/output validation, and audit logging to prevent AI-related security incidents.

#AI safety #guardrails #prompt injection #observability

What's new in Unity AI Gateway: service policies, guardrails, observability, and cost controls for AI agents and MCPs AI 7.0
Databricks Blog

What's new in Unity AI Gateway: service policies, guardrails, observability, and cost controls for AI agents and MCPs

Databricks announces new governance features in Unity AI Gateway including service policies, enhanced guardrails, observability dashboards, and cost controls for AI agents and Model Context Protocol (MCP) integrations. The update addresses the gap between rapid agent adoption and governance maturity.

#AI agents #governance #MCP #cost controls

Steve Yegge's AI agent orchestration project Gas Town comes to the cloud and brings the Wasteland with it AI 7.0
The New Stack

Steve Yegge's AI agent orchestration project Gas Town comes to the cloud and brings the Wasteland with it

Gas Town, Steve Yegge's multi-agent orchestration system for software development, is moving to the cloud via a partnership with Kilo, a model-agnostic coding agent platform founded by GitLab co-founder Sid Sijbrandij. The ecosystem now includes Wasteland and Gas City, with agents coordinating specialized roles (coding, testing, review, operations) across shared codebases.

#agents #orchestration #multi-agent #coding

Announcing Claude Managed Agents on Cloudflare AI 7.0
Cloudflare Blog

Announcing Claude Managed Agents on Cloudflare

Cloudflare integrated Claude Managed Agents with Cloudflare Sandboxes, enabling agents to run on Claude Platform while executing code and tool calls in Cloudflare's secure environment. The integration provides customizable proxies for credential injection, sandbox observability with SSH access, and lightweight stateful Linux microVMs.

#agents #Claude #sandboxes #security

Pulumi bets infrastructure's next decade belongs to AI agents AI 8.0
The New Stack

Pulumi bets infrastructure's next decade belongs to AI agents

Pulumi shipped agent-optimized capabilities including ephemeral 72-hour Cloud accounts, npx pulumi one-shot invocation, and the pulumi do imperative verb for single-resource provisioning. AI agents already drive 20% of operations on Pulumi's platform, up from near-zero a year ago.

#agents #infrastructure #IaC #Pulumi

The New Phishing Click: How OAuth Consent Bypasses MFA Security 9.0
The Hacker News

The New Phishing Click: How OAuth Consent Bypasses MFA

EvilTokens, a phishing-as-a-service platform launched in February 2026, compromised over 340 Microsoft 365 organizations within five weeks by using OAuth consent screens to bypass MFA. Victims complete normal MFA challenges but unknowingly grant token access to attackers.

#phishing #OAuth #MFA-bypass #credential-theft

Kernel-Level Ground Truth: Why eBPF is Replacing User-Space Agents for Security Observability DevOps 7.0
InfoQ DevOps

Kernel-Level Ground Truth: Why eBPF is Replacing User-Space Agents for Security Observability

eBPF probes attached to Linux kernel syscall interfaces provide consistent security visibility even during container compromises, replacing traditional user-space agents. Kernel-level filtering reduces CPU overhead and data volume compared to post-hoc collection, improving operational efficiency for threat detection and forensics.

#eBPF #security #observability #kernel

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials Security 8.0
The Hacker News

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

Threat actors compromised the popular GitHub Actions workflow 'actions-cool/issues-helper' and redirected all repository tags to malicious commits to harvest CI/CD credentials and exfiltrate them to attacker-controlled servers. The attack demonstrates tag-hijacking as a supply chain vector against workflows relying on semantic versioning.

#supply chain #GitHub Actions #CI/CD #credential theft

CISA Admin Leaked AWS GovCloud Keys on Github Security 9.0
Krebs on Security

CISA Admin Leaked AWS GovCloud Keys on Github

A CISA contractor's public GitHub repository exposed highly privileged AWS GovCloud credentials, internal CISA/DHS tokens, plaintext passwords, and build/deployment documentation. GitGuardian researcher Guillaume Valadon flagged the 'Private-CISA' repository after the account owner failed to respond, revealing one of the most significant government data leaks in recent history.

#credential exposure #AWS #GitHub #government

Read article
Why Google's Remy leaks have enterprise architects rethinking the AI stack AI 6.0
The New Stack

Why Google's Remy leaks have enterprise architects rethinking the AI stack

Google is reportedly developing Remy, an OpenClaw-style agent that performs actions on behalf of users within Gemini, integrating with Google services and representing a shift toward orchestrated AI services embedded in workflows rather than chat-based tools. The unconfirmed reports suggest Remy could significantly advance autonomous agent capabilities in enterprise environments.

#agents #Gemini #autonomous #enterprise

Read article
AWS Weekly Roundup: AWS Transform at 1 year, Claude Platform on AWS, EC2 M3 Ultra Mac instances, and more (May 18, 2026) AI 7.0
AWS News

AWS Weekly Roundup: AWS Transform at 1 year, Claude Platform on AWS, EC2 M3 Ultra Mac instances, and more (May 18, 2026)

AWS Transform, an agentic AI service for modernizing enterprise applications, marks its 1-year anniversary with 4.5+ billion lines of code processed and 1.6+ million hours saved across thousands of customers. The service now integrates with Claude, Cursor, Codex, and Kiro agents, and AWS launched Claude Platform on AWS for direct access to Anthropic's native APIs and console.

#agents #code modernization #LLM #AWS Transform

Read article
GitHub will start paying some bug bounty hunters in swag instead of cash Security 6.0
The New Stack

GitHub will start paying some bug bounty hunters in swag instead of cash

GitHub is tightening bug bounty submission standards as AI-assisted reports flood the program with low-quality, unvalidated findings. The company is shifting payouts to swag for reports lacking proof-of-concept, demonstrated impact, or clear exploitable boundaries, while emphasizing that AI tool use itself is acceptable but output quality is what matters.

#bug bounty #security research #AI-assisted #supply chain

Read article
Prompting Amazon Nova 2 for content moderation AI 6.0
AWS ML Blog

Prompting Amazon Nova 2 for content moderation

This post demonstrates prompt-based content moderation using Amazon Nova 2 Lite against the MLCommons AILuminate taxonomy, avoiding the need for fine-tuning or training data. Benchmarks compare Nova 2 Lite's moderation performance against other foundation models on three public datasets, with structured and free-form prompting techniques that adapt to custom policies.

#LLM #prompting #content moderation #evals

Read article
AI security readiness is now the No. 1 obstacle to adoption, Linux Foundation finds AI 5.0
The New Stack

AI security readiness is now the No. 1 obstacle to adoption, Linux Foundation finds

A Linux Foundation report identifies security readiness as the primary blocker to AI deployment, with 67% of organizations reporting pressure to accelerate AI rollout despite unresolved security concerns. The report recommends hiring security-aware staff and upskilling existing teams to close AI and security capability gaps.

#AI security #risk management #talent #adoption

Read article
Aderant transforms cloud operations with Amazon Quick AI 6.0
AWS ML Blog

Aderant transforms cloud operations with Amazon Quick

Aderant, a legal software provider, deployed Amazon Quick to unify search across six vendor systems and automate documentation workflows for its 38-person Cloud Engineering team. The implementation achieved 90% faster search times and 75% documentation acceleration, reducing manual search time from 30-45 minutes per task.

#LLM #RAG #search #documentation

Read article
Take your local GitHub sessions anywhere AI 8.0
GitHub Blog

Take your local GitHub sessions anywhere

GitHub Copilot now supports remote control for CLI sessions and introduces remote control in VS Code and JetBrains IDEs, allowing developers to monitor and manage multi-surface agent workflows from any device via github.com or GitHub Mobile. Sessions persist across CLI, web, and mobile with real-time progress tracking and mid-flight instruction updates.

#agents #GitHub Copilot #CLI #IDE

Read article
How Google Does It: Fleet-wide, large-scale A/B experimentation DevOps 7.0
Google Cloud Blog

How Google Does It: Fleet-wide, large-scale A/B experimentation

Google shares methodology for A/B testing infrastructure changes like memory allocators and kernel schedulers across fleet-wide deployments. The post covers four pillars: application-level vs. machine-level experimentation, balanced setup, binary hermeticity, and performance metrics selection.

#A/B-testing #infrastructure #kernel #performance

Read article
Beyond the Query: 5 Scenarios Laying the Foundation for the Agentic Era AI 7.0
Google Cloud Blog

Beyond the Query: 5 Scenarios Laying the Foundation for the Agentic Era

Google outlines five architectural patterns for exposing enterprise data to autonomous systems, moving from static reports to dynamic LLM-driven access. The patterns span from manual SQL to Model Context Protocol (MCP) standardized workflows, addressing trust, complexity, security, and semantic accuracy in BigQuery and legacy data sources.

#agents #LLM #data-access #MCP

Read article
What we announced in streaming AI at Next '26 AI 7.0
Google Cloud Blog

What we announced in streaming AI at Next '26

Google Cloud announced a unified streaming data platform addressing real-time AI challenges, specifically 'context lag' where agentic AI systems must choose between stale batch data or memory-intensive context windows. The platform integrates Google Cloud-native and open-source services for large-scale AI training and inference with real-time data.

#agentic AI #streaming data #real-time analytics #context window

Read article
Integrate Atlassian Confluence Cloud with Amazon Quick AI 6.0
AWS ML Blog

Integrate Atlassian Confluence Cloud with Amazon Quick

AWS Quick now integrates with Atlassian Confluence Cloud to enable natural language search over documentation without context switching. Teams can query Confluence pages, retrieve content, and manage updates while accessing data from S3, JIRA, and other business applications through a unified interface.

#RAG #semantic search #knowledge bases #LLM

Read article
Build custom code-based evaluators in Amazon Bedrock AgentCore AI 8.0
AWS ML Blog

Build custom code-based evaluators in Amazon Bedrock AgentCore

Amazon Bedrock AgentCore Evaluations now supports custom code-based evaluators via AWS Lambda alongside LLM-as-a-Judge checks. Developers can implement deterministic validation logic for domain-specific requirements like JSON schema conformance, PII filtering, and business rule enforcement without consuming foundation model tokens.

#evals #agents #LLM-as-Judge #validation

Read article
The Open Agent Leaderboard AI 7.0
Hugging Face Blog

The Open Agent Leaderboard

IBM Research and Hugging Face launched the Open Agent Leaderboard to benchmark and compare agent implementations across standardized tasks. The leaderboard provides a community-driven evaluation framework for assessing agent capabilities, tool use, and reasoning performance.

#agents #evals #benchmarking #leaderboard

Read article
Coding Agent Horror Stories: The Security Crisis Threatening Developer Infrastructure AI 7.0
Docker Blog

Coding Agent Horror Stories: The Security Crisis Threatening Developer Infrastructure

Docker outlines documented security failures in AI coding agents, where agents have deleted home directories and dropped production databases. The article launches a series examining how autonomous agents can cause critical infrastructure damage and how Docker Sandboxes provide isolation to contain these failures in enterprise environments.

#agents #security #sandbox #code execution

Read article
What kubectl debug doesn't tell you: The silent evidence gap DevOps 7.0
CNCF Blog

What kubectl debug doesn't tell you: The silent evidence gap

kubectl debug sessions on Kubernetes leave no audit trail in the API after the session ends. Exit codes, session duration, and target container details are discarded once the pod state changes, creating a blind spot in incident response. The article demonstrates the gap with a three-command reproduction on any Kubernetes 1.25+ cluster.

#Kubernetes #debugging #observability #incident-response

Read article
Project Glasswing: what Mythos showed us AI 8.0
Cloudflare Blog

Project Glasswing: what Mythos showed us

Cloudflare tested Anthropic's Mythos Preview LLM on 50+ internal repositories as part of Project Glasswing to evaluate security-focused frontier models. Mythos Preview demonstrated significant advances in exploit chain construction and vulnerability identification compared to general-purpose models, requiring architectural changes for production-scale deployment.

#LLM #security #vulnerability-detection #Mythos

Read article
Anthropic acquires Stainless AI 6.0
Anthropic News

Anthropic acquires Stainless

Anthropic has acquired Stainless, a company known for SDK generation and API tooling. The acquisition likely strengthens Anthropic's developer experience and API infrastructure for Claude integrations.

#LLM #Claude #SDK #developer tools

Read article
Introducing Gemini Omni AI 9.0
DeepMind

Introducing Gemini Omni

DeepMind introduces Gemini Omni, a multimodal foundation model with native support for audio, video, text, and image inputs and outputs. The model enables low-latency streaming interactions and unified reasoning across modalities.

#foundation-models #multimodal #LLM #streaming

Read article
The Mac mini just became infrastructure AI 7.0
The New Stack

The Mac mini just became infrastructure

Mac mini and Mac Studio are now sold out due to demand from agentic AI tools, with Perplexity, OpenClaw, and Hermes Agent all converging on Mac mini as the preferred always-on agent runtime. Apple's supply constraints and explicit developer recommendations signal a new substrate category emerging for local-first AI agent deployment.

#agents #inference #local-first #Mac

Read article
The clean-up cost of AI-generated code is what the velocity narrative leaves out AI 7.0
The New Stack

The clean-up cost of AI-generated code is what the velocity narrative leaves out

The New Stack examines hidden technical debt and maintenance costs of AI-generated code at scale. GitHub forecasts 14 billion commits by 2026, but the article argues that rapid code generation via LLMs creates long-term cleanup burdens that velocity metrics ignore. It categorizes stakeholders as Inventors (OpenAI, Anthropic), Researchers, Platforms (GitHub, Cursor, Hugging Face), and Engineering Orgs.

#LLM #code generation #technical debt #MLOps

Read article
GitHub takes aim at Claude Code and Codex with its new Copilot app AI 8.0
The New Stack

GitHub takes aim at Claude Code and Codex with its new Copilot app

GitHub announced a technical preview of GitHub Copilot app, a standalone desktop application for managing coding agents, issues, pull requests, and development sessions. Built on GitHub Copilot CLI (GA in February), the app runs multiple agents simultaneously, tracks progress across repos, and supports side-by-side diff reviews. Available for macOS, Windows, and Linux.

#LLM #agents #code generation #IDE tooling

Read article
Forward deployed engineer is AI's hottest job as OpenAI and Google race to hire. Here's how to become one Other 6.0
The New Stack

Forward deployed engineer is AI's hottest job as OpenAI and Google race to hire. Here's how to become one

OpenAI launched Deployment Company, a $4 billion initiative to staff enterprises with forward deployed engineers (FDEs). Google Cloud and Anthropic are simultaneously hiring hundreds of FDEs. The article frames FDEs as the bridge between AI models and production outcomes inside companies, requiring AI engineering stack knowledge, real workflow experience, and customer-facing judgment.

#LLM #AI engineering #deployment #career

Read article
Finding the molecular switches behind new infectious diseases AI 6.0
DeepMind

Finding the molecular switches behind new infectious diseases

Clare Bryant uses Co-Scientist, a multi-agent AI system built on Gemini, to identify genetic triggers in emerging infectious diseases. The system helps researchers analyze complex biological data and surface molecular mechanisms that drive disease emergence.

#LLM agents #research acceleration #biology #Co-Scientist

Read article
Opening new paths in aging research AI 6.0
DeepMind

Opening new paths in aging research

Calico Life Sciences uses Co-Scientist to synthesize scattered research findings and generate novel research leads in aging biology. The system connects disparate datasets and literature to surface previously unconnected insights.

#LLM agents #research acceleration #RAG #Co-Scientist

Read article
Accelerating discovery of liver disease mechanisms AI 6.0
DeepMind

Accelerating discovery of liver disease mechanisms

Filippo Menolascina uses Co-Scientist to identify new liver disease treatments and explain patient-specific drug efficacy. The system analyzes biological mechanisms to predict which patients benefit from existing therapies.

#LLM agents #research acceleration #mechanistic reasoning #Co-Scientist

Read article
Uniting biological toolkits for a new approach to ALS AI 6.0
DeepMind

Uniting biological toolkits for a new approach to ALS

Co-Scientist enables collaboration between Boston Children's Hospital and MIT labs to explore RNA-based ALS treatments. The system integrates disparate experimental toolkits and research methodologies across institutions.

#LLM agents #research acceleration #multi-institutional #Co-Scientist

Read article
Uncovering repurposed medicines to fight liver fibrosis AI 6.0
DeepMind

Uncovering repurposed medicines to fight liver fibrosis

A Stanford geneticist uses Co-Scientist to identify existing drugs that can be repurposed for chronic liver disease and liver fibrosis treatment. The system screens existing pharmacology against disease mechanisms to surface candidates.

#LLM agents #research acceleration #drug repurposing #Co-Scientist

Read article
Why Block handed Goose to the Linux Foundation AI 7.0
The New Stack

Why Block handed Goose to the Linux Foundation

Block open-sourced its Goose coding agent and subsequently transferred governance to the newly formed Agentic AI Foundation under the Linux Foundation. The move addressed trademark and governance concerns that were hampering enterprise adoption despite rapid early uptake.

#agents #open-source #governance #coding agents

Read article
Kubernetes v1.36: New Metric for Route Sync in the Cloud Controller Manager DevOps 6.0
Kubernetes Blog

Kubernetes v1.36: New Metric for Route Sync in the Cloud Controller Manager

Kubernetes v1.36 adds route_controller_route_sync_total, an alpha counter metric to the Cloud Controller Manager, enabling operators to measure the impact of the CloudControllerManagerWatchBasedRoutesReconciliation feature gate. This watch-based approach replaces fixed-interval polling, reducing unnecessary API calls to cloud providers and lowering rate-limit pressure on infrastructure APIs.

#Kubernetes #metrics #Cloud Controller Manager #observability

Read article
Kubernetes v1.36: Mixed Version Proxy Graduates to Beta DevOps 7.0
Kubernetes Blog

Kubernetes v1.36: Mixed Version Proxy Graduates to Beta

The Mixed Version Proxy (MVP), introduced as alpha in Kubernetes 1.28, reaches beta status in v1.36 and is now enabled by default. MVP solves the problem of incorrect 404 responses during control plane upgrades by proxying requests to peer API servers that can serve newer API versions, preventing garbage collection errors and blocked namespace deletions.

#Kubernetes #API server #upgrades #high availability

Read article
AWS found bugs in 60% of software requirements. Its fix isn't more AI — it's a 50-year-old logic engine. AI 8.0
The New Stack

AWS found bugs in 60% of software requirements. Its fix isn't more AI — it's a 50-year-old logic engine.

AWS introduces Requirements Analysis in its Kiro agentic platform, which uses LLMs to formalize natural-language specs into mathematical logic, then applies SMT solvers to detect contradictions, ambiguities, and gaps before they propagate into code. The three-stage pipeline catches requirement bugs that typically surface only in production.

#agents #formal verification #SMT solver #requirements engineering

Read article
Building a general-purpose accessibility agent—and what we learned in the process AI 7.0
GitHub Blog

Building a general-purpose accessibility agent—and what we learned in the process

GitHub describes an experimental accessibility agent integrated into Copilot CLI and VS Code that automatically detects and remediates accessibility issues in pull requests. The agent has reviewed 3,535 PRs with a 68% resolution rate, focusing on WCAG-aligned issues like semantic structure, control naming, and keyboard navigation.

#agents #Copilot #accessibility #code review automation

Read article
Gemini Live Agent Challenge: Announcing the winners and highlights AI 5.0
Google Cloud Blog

Gemini Live Agent Challenge: Announcing the winners and highlights

Google announced winners of the Gemini Live Agent Challenge, which drew 11,878 participants and 1,536 projects from 151 countries. Winning agents demonstrated multimodal capabilities using the Gemini Live API and Agent Development Kit (ADK), spanning three categories: Live Agent, Creative Storyteller, and UI Navigator.

#agents #Gemini Live API #multimodal #ADK

Read article
Why AI is failing in the security operations center Security 6.0
The New Stack

Why AI is failing in the security operations center

Agentic AI tools deployed in SOCs underperform because they operate on siloed, stale, or incorrect data across disconnected tools and cloud/on-premises infrastructure. The article examines why real-world SOC complexity defeats vendor demo conditions and highlights data unification as the prerequisite for effective AI.

#agents #SOC #security #data integration

Read article
Restrict access to sensitive documents in your Amazon Quick knowledge bases for Amazon S3 AI 6.0
AWS ML Blog

Restrict access to sensitive documents in your Amazon Quick knowledge bases for Amazon S3

Amazon Quick now supports document-level access control lists (ACLs) for S3-backed knowledge bases, enabling fine-grained permission enforcement at the document or folder level. When users query the knowledge base, Quick evaluates their identity against ACL configuration and surfaces only authorized content, allowing organizations to safely ingest full document libraries while maintaining compliance.

#RAG #access control #knowledge bases #S3

Read article
Welcome to BlackFile: Inside a Vishing Extortion Operation Security 8.0
Google Cloud Blog

Welcome to BlackFile: Inside a Vishing Extortion Operation

Google Threat Intelligence Group documented UNC6671 (BlackFile), an extortion campaign targeting organizations via voice phishing and SSO compromise. The group uses adversary-in-the-middle techniques to bypass MFA, then exfiltrates data from Microsoft 365 and Okta using Python and PowerShell scripts. Since early 2026, UNC6671 has targeted dozens of organizations across North America, Australia, and the UK.

#threat intelligence #vishing #identity compromise #MFA bypass

Read article
Raising the bar: Quality, shared responsibility, and the future of GitHub's bug bounty program Security 5.0
GitHub Blog

Raising the bar: Quality, shared responsibility, and the future of GitHub's bug bounty program

GitHub addresses the surge in low-quality bug bounty submissions driven by AI-assisted security research tools. The post discusses how AI has lowered the barrier to entry for fuzzing and vulnerability discovery, leading to noise alongside legitimate findings, and outlines GitHub's approach to maintaining program quality without shutting down.

#security #bug bounty #vulnerability research #AI tooling

Read article
Custom MCP Catalogs and Profiles: Advancing Enterprise MCP Adoption AI 7.0
Docker Blog

Custom MCP Catalogs and Profiles: Advancing Enterprise MCP Adoption

Docker announces general availability of Custom Catalogs and Profiles for Model Context Protocol (MCP) servers. Custom Catalogs let organizations curate and distribute approved MCP server collections; Profiles enable developers to define portable, named groupings of MCP tools. Both features address enterprise governance and cross-team tool sharing.

#MCP #Model Context Protocol #enterprise governance #tool distribution

Read article
The hidden cost of build vs. buy for agentic AI in regulated industries AI 6.0
The New Stack

The hidden cost of build vs. buy for agentic AI in regulated industries

Organizations face a familiar pattern with agentic AI: point solutions proliferate, integration overhead balloons, and governance breaks down. The article argues that while DIY platforms enable learning, regulated industries need consistent, governable AI enablement across teams, not fragmented toolchains. Build vs. buy decisions require weighing engineering velocity against organizational scalability.

#agentic AI #platform strategy #governance #regulated industries

Read article
Extending AI gateways with Rust: Custom transformations in agentgateway and kgateway AI 7.0
CNCF Blog

Extending AI gateways with Rust: Custom transformations in agentgateway and kgateway

Hands-on tutorial for building custom Envoy dynamic modules in Rust to extend agentgateway and kgateway with domain-specific request transformations. Covers packaging as Docker images, deploying to Kubernetes, and testing against mock LLM endpoints. No prior Rust experience required; runs entirely locally in 30-45 minutes.

#AI gateways #Envoy #Rust #custom policies

Read article
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface Security 6.0
The Hacker News

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

Bitdefender analysis shows that trusted administration tools (PowerShell, WMIC, netsh, Certutil, MSBuild) are the preferred toolkit of modern threat actors, not malware. A 45-day observation window reveals that the real attack surface is indistinguishable from legitimate IT operations.

#threat actor tactics #living-off-the-land #PowerShell #detection evasion

Read article
Benchmarking AI Agents on Kubernetes AI 7.0
InfoQ DevOps

Benchmarking AI Agents on Kubernetes

Brandon Foley published a CNCF benchmarking study showing that AI coding agents can isolate and fix individual bugs but struggle with system-wide impact analysis. The research challenges the assumption that improved code retrieval alone drives better automated bug fixing.

#agents #code generation #RAG #evals

Read article
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email Security 8.0
The Hacker News

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft Exchange Server on-premises is under active exploitation for CVE-2026-42897, a CVSS 8.1 spoofing vulnerability stemming from a cross-site scripting flaw in email handling. The vulnerability allows attackers to craft malicious emails that trigger the XSS condition, potentially leading to credential theft or session hijacking.

#CVE #Exchange Server #XSS #spoofing

Read article
Amazon Bedrock introduces new advanced prompt optimization and migration tool AI 7.0
AWS News

Amazon Bedrock introduces new advanced prompt optimization and migration tool

Amazon Bedrock Advanced Prompt Optimization automates prompt refinement across up to 5 models simultaneously using metric-driven feedback loops. The tool accepts prompt templates, example inputs, ground truth answers, and evaluation metrics (including LLM-as-a-judge rubrics or Lambda functions), supporting multimodal inputs (PNG, JPG, PDF) and outputting optimized prompts with cost and latency estimates.

#LLM #prompt engineering #evals #model migration

Read article
GitHub availability report: April 2026 DevOps 5.0
GitHub Blog

GitHub availability report: April 2026

GitHub experienced 10 incidents in April, including an 8-hour 43-minute outage of code search on April 1 caused by an overly aggressive messaging system upgrade and unintended service deployment that cleared routing state. The company is increasing transparency with detailed incident postmortems and enhanced status page visibility.

#incident #outage #infrastructure #observability

Read article
Expanded interoperability with Unity Catalog Open APIs Cloud 6.0
Databricks Blog

Expanded interoperability with Unity Catalog Open APIs

Databricks expands Unity Catalog with open APIs enabling third-party tools and platforms to read and write metadata without vendor lock-in. The APIs allow external systems to query lineage, governance, and schema information across the open lakehouse.

#Unity Catalog #metadata #APIs #interoperability

Read article
OpenAI brings Codex to the ChatGPT mobile app AI 6.0
The New Stack

OpenAI brings Codex to the ChatGPT mobile app

OpenAI extended Codex to iOS and Android by connecting the mobile app to a local or remote machine running Codex, keeping the mobile interface in sync with desktop state. The connection routes through a relay layer to maintain security without exposing machines to the public internet.

#LLM #code generation #mobile #Codex

Read article
Granite Embedding Multilingual R2: Open Apache 2.0 Multilingual Embeddings with 32K Context - Best Sub-100M Retrieval Quality AI 7.0
Hugging Face Blog

Granite Embedding Multilingual R2: Open Apache 2.0 Multilingual Embeddings with 32K Context - Best Sub-100M Retrieval Quality

IBM and Hugging Face release Granite Embedding Multilingual R2, an open-source embedding model under Apache 2.0 license with 32K context window and sub-100M parameters. The model achieves competitive retrieval quality across multiple languages while remaining lightweight for on-premise or edge deployment.

#embeddings #RAG #multilingual #open-source

Read article
Kubernetes v1.36: Deprecation and removal of Service ExternalIPs DevOps 8.0
Kubernetes Blog

Kubernetes v1.36: Deprecation and removal of Service ExternalIPs

Kubernetes 1.36 formally deprecates the .spec.externalIPs field for Service due to security vulnerabilities (CVE-2020-8554) that enable exploits in untrusted clusters. The feature, an early attempt at load-balancer functionality for non-cloud environments, will be removed in a future release, with better alternatives now available. A DenyServiceExternalIPs admission controller can enforce the deprecation immediately.

#Kubernetes #security #deprecation #API

Read article
Improve bot accuracy with Amazon Lex Assisted NLU AI 6.0
AWS ML Blog

Improve bot accuracy with Amazon Lex Assisted NLU

Amazon Lex Assisted NLU uses large language models to handle natural language variations without manual utterance configuration. The feature combines traditional ML with LLMs to improve bot accuracy on complex requests, ambiguous phrases, and diverse customer phrasings that rule-based systems struggle with.

#LLM #NLU #conversational AI #Lex

Read article
Cloud code: Conductor joins the rush toward remote coding agents AI 7.0
The New Stack

Cloud code: Conductor joins the rush toward remote coding agents

Conductor, an AI coding agent startup, launched Conductor Cloud to move agents from local laptops into persistent cloud environments where they can run longer, operate in parallel, and continue after developers close their machines. This mirrors similar moves by Anthropic (Claude Managed Agents), Mistral (Vibe), and Roo Code (Roomote).

#agents #code generation #cloud #AI coding

Read article
Real-time voice agents with Stream Vision Agents and Amazon Nova 2 Sonic AI 7.0
AWS ML Blog

Real-time voice agents with Stream Vision Agents and Amazon Nova 2 Sonic

Stream's Vision Agents open-source framework integrates with Amazon Bedrock and Amazon Nova 2 Sonic to build production-grade voice agents with low-latency audio streaming, function calling, automatic reconnection, and multilingual support. The post covers orchestrating speech-to-text, LLM inference, and text-to-speech within latency windows of hundreds of milliseconds.

#LLM #agents #voice #real-time

Read article
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets Security 9.0
The Hacker News

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Three versions of the npm package node-ipc (9.1.6, 9.2.3, 12.0.1) were confirmed malicious by Socket and StepSecurity, containing a stealer backdoor targeting developer secrets. The compromised versions exfiltrate credentials and sensitive data from developer environments. Immediate removal and audit of node-ipc dependencies are required.

#supply-chain #npm #backdoor #malware

Read article
GitLab is betting a 19th-century economic theory will shape its AI era AI 5.0
The New Stack

GitLab is betting a 19th-century economic theory will shape its AI era

GitLab's new CEO Bill Staples announced a major restructuring focused on AI agents, arguing that cheaper software production will expand demand rather than shrink it (Jevons' paradox). The company is consolidating products and shifting developer focus from writing code to supervising and reviewing machine-generated output.

#agents #AI #developer tools #strategy

Read article
Anthropic splits billing again: Agent SDK gets separate credit pools AI 6.0
The New Stack

Anthropic splits billing again: Agent SDK gets separate credit pools

Anthropic introduced separate monthly credit pools for programmatic usage (Agent SDK, claude-p, GitHub Actions, third-party apps) starting June 15, drawing a distinction between interactive and programmatic billing. Users must claim the credit once; if exhausted, they can enable usage credits to continue.

#LLM #billing #Agent SDK #Claude

Read article
From siloed data to unified insights: Cross-account Athena Access for Amazon Quick Cloud 5.0
AWS ML Blog

From siloed data to unified insights: Cross-account Athena Access for Amazon Quick

Amazon Quick now supports cross-account Amazon Athena access, enabling centralized Quick deployments to query data across multiple AWS accounts without data movement. This solves the multi-account data silo problem common in enterprises where Quick runs in a central account while data resides in business unit accounts.

#AI #data integration #cross-account #Athena

Read article
Control where your AI agents can browse with Chrome enterprise policies on Amazon Bedrock AgentCore AI 7.0
AWS ML Blog

Control where your AI agents can browse with Chrome enterprise policies on Amazon Bedrock AgentCore

Amazon Bedrock AgentCore Browser now supports Chrome enterprise policies and custom root CA certificates to restrict agent web access and enable connectivity to internal services. Organizations can configure over 450 browser settings including URL filtering, download restrictions, and password manager controls via familiar Chrome JSON configuration.

#agents #security #browser control #Bedrock

Read article
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories Security 6.0
The Hacker News

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

A weekly threat bulletin covering multiple critical vulnerabilities including PAN-OS RCE, cURL bugs, and AI tokenizer attacks, alongside supply-chain exploitation and social engineering campaigns. The bulletin emphasizes recurring patterns of weak security controls, fake help desks, and supply-chain attacks being weaponized for reputation and profit.

#CVE #supply-chain #RCE #threat intelligence

Read article
From latency to instant: Modernizing GitHub Issues navigation performance Engineering 7.0
GitHub Blog

From latency to instant: Modernizing GitHub Issues navigation performance

GitHub optimized Issues navigation by shifting work to the client with IndexedDB-backed caching, a preheating strategy to boost cache hits, and a service worker to preserve cached data across hard navigations. The approach renders instantly from local data then revalidates in the background, eliminating redundant fetches during backlog workflows.

#performance #caching #service worker #IndexedDB

Read article
What's new with Google Data Cloud AI 7.0
Google Cloud Blog

What's new with Google Data Cloud

Google Data Cloud updates include Managed Service for Apache Airflow 3.1 GA with AI-powered agentic troubleshooting and YAML orchestration, a BigQuery Graph preview for graph analytics, a new Google-built ODBC driver, and Conversational Analytics for Looker powered by Gemini.

#Apache Airflow #BigQuery #Gemini #agents

Read article
The great AI divide: Why early leaders embrace an AI operating model AI 5.0
HashiCorp Blog

The great AI divide: Why early leaders embrace an AI operating model

Organizations are moving beyond isolated AI experimentation toward operationalizing AI at enterprise scale. Early leaders adopt an AI operating model that enables intelligence, automation, governance, and execution consistently across hybrid environments, with infrastructure adapting dynamically and operational decisions happening continuously.

#AI #operations #governance #enterprise

Read article
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike Security 5.0
The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

The Belarus-aligned threat group Ghostwriter (also tracked as FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC-0057) conducted fresh attacks on Ukrainian government organizations using geofenced PDF phishing and Cobalt Strike payloads. Active since at least 2016, the group conducts both cyber espionage and influence operations targeting Ukraine and neighboring countries.

#threat actor #phishing #Cobalt Strike #Ukraine

Read article
The Rust sidecar pattern that fixes Python AI's biggest weakness Engineering 7.0
The New Stack

The Rust sidecar pattern that fixes Python AI's biggest weakness

A guide to pairing Python (for AI logic and abstraction) with Rust (for high-performance networking, concurrency, and memory safety) in a sidecar architecture to achieve production-grade deterministic performance at scale. The pattern isolates Python's intelligence from infrastructure concerns while Rust handles reliability and operational responsibility.

#Python #Rust #sidecar #performance

Read article
Work with Codex from anywhere AI 5.0
OpenAI Blog

Work with Codex from anywhere

Codex is now available in the ChatGPT mobile app, allowing engineers to monitor, steer, and approve coding tasks in real time across devices and remote environments.

#Codex #code generation #mobile #remote work

Read article
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure AI 8.0
The Hacker News

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

CVE-2026-44338 (CVSS 7.3), a missing authentication flaw in the PraisonAI open-source multi-agent orchestration framework, was exploited within four hours of public disclosure. The vulnerability exposes sensitive endpoints to unauthenticated access, allowing attackers to invoke arbitrary agent operations. Immediate patching is required for all PraisonAI deployments.

#CVE #authentication #AI agents #open-source

Read article
How AI Hallucinations Are Creating Real Security Risks AI 7.0
The Hacker News

How AI Hallucinations Are Creating Real Security Risks

AI hallucinations pose serious security risks in critical infrastructure decision-making by generating confident but incorrect outputs that exploit human trust. Models lack mechanisms to signal uncertainty and instead produce high-confidence false information based on training data patterns. This creates dangerous scenarios where infrastructure operators rely on fabricated recommendations.

#AI safety #hallucinations #LLM #infrastructure

Read article
When AI agents become contributors: How KubeStellar reached 81% PR acceptance AI 8.0
CNCF Blog

When AI agents become contributors: How KubeStellar reached 81% PR acceptance

A solo developer used two AI coding agents in parallel to build KubeStellar Console, a multi-cluster Kubernetes dashboard in Go/React/TypeScript with Helm packaging, achieving 81% PR acceptance. Initial velocity gains (2-hour tasks vs 3-day estimates) degraded into cascading failures and architectural drift, requiring extensive reverting. The core lesson: agent autonomy requires robust surrounding codebase infrastructure to prevent scope creep and silent regressions.

#AI agents #code generation #Kubernetes #multi-agent

Read article
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation Security 8.0
The Hacker News

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

A researcher disclosed two Windows zero-days codenamed YellowKey and GreenPlasma: a BitLocker bypass and a CTFMON (Collaborative Translation Framework) privilege escalation. These follow three previously disclosed Microsoft Defender vulnerabilities from the same researcher. Both flaws remain unpatched and expose full-disk encryption and privilege escalation attack vectors.

#CVE #Windows #BitLocker #privilege escalation

Read article
Follow a goal | Codex use cases AI 7.0
OpenAI Developers

Follow a goal | Codex use cases

OpenAI documents Codex /goal, an experimental CLI mode that keeps the agent working across turns toward a verifiable stopping condition instead of stopping after one turn. Targets migrations, large refactors, deployment retry loops, and prompt-optimization workflows that have a clear validation loop. Exposes /goal pause, /goal resume, /goal clear, plus checkpoint-based progress tracking; intended to run unattended for hours.

#Codex #agents #CLI #long-running tasks

Read article
Unlocking asynchronicity in continuous batching AI 7.0
Hugging Face Blog

Unlocking asynchronicity in continuous batching

Hugging Face explores asynchronous request handling in continuous batching inference systems, addressing latency and throughput trade-offs when requests arrive at irregular intervals. The post covers architectural patterns for decoupling request arrival from batch formation to maximize GPU utilization.

#inference #batching #performance #async

Read article
Helping ChatGPT better recognize context in sensitive conversations AI 6.0
OpenAI Blog

Helping ChatGPT better recognize context in sensitive conversations

OpenAI has updated ChatGPT's safety systems to improve context awareness in sensitive conversations, enabling the model to detect risks that emerge over time rather than in isolation. The update helps ChatGPT respond more safely by understanding conversational patterns and nuance in high-stakes scenarios.

#LLM #safety #context-awareness #prompt-engineering

Read article
Fivetran's CPO: Closed data stacks won't survive the agent era AI 7.0
The New Stack

Fivetran's CPO: Closed data stacks won't survive the agent era

Fivetran CPO Anjan Kundavaram argues that closed data stacks cannot handle agentic AI workloads efficiently because agents run 10-100x more queries than humans, routing all queries through expensive compute paths. Fivetran proposes Open Data Infrastructure with multiple compute engines so agents can route queries to cost-optimal paths.

#agents #data infrastructure #cost optimization #analytics

Read article
MinIO's MemKV promises 95% better GPU utilization by ending AI recompute tax AI 8.0
The New Stack

MinIO's MemKV promises 95% better GPU utilization by ending AI recompute tax

MinIO launched MemKV, a context memory store for AI inference that uses petabyte-scale flash-based storage accessed over 800 Gbps RDMA to reduce recomputation overhead. MemKV improves TTFT and TPOT metrics by providing persistent, shared context across GPU clusters, addressing the recompute tax problem in multi-step reasoning workloads.

#inference infrastructure #context memory #GPU optimization #RDMA

Read article
Data quality is the AI strategy AI 5.0
Databricks Blog

Data quality is the AI strategy

Databricks argues that data quality is foundational to AI success, particularly in healthcare where poor data directly impacts model reliability and patient outcomes. The post connects data governance, lineage tracking, and quality metrics to downstream AI model performance.

#data-quality #AI #governance #healthcare

Read article
The Rosetta stone of CPS: Claroty's AI-powered library AI 5.0
Databricks Blog

The Rosetta stone of CPS: Claroty's AI-powered library

Claroty has built an AI-powered library that translates between industrial control system protocols and formats, enabling unified visibility across heterogeneous OT environments. The system uses machine learning to normalize and correlate data from legacy and modern industrial equipment.

#AI #industrial #OT-security #protocol-translation

Read article
Kubernetes v1.36: Advancing Workload-Aware Scheduling DevOps 8.0
Kubernetes Blog

Kubernetes v1.36: Advancing Workload-Aware Scheduling

Kubernetes v1.36 separates the Workload API (static template) from the new PodGroup API (runtime state) to improve scheduling for AI/ML and batch workloads. The release introduces a new PodGroup scheduling cycle for atomic workload processing, topology-aware scheduling, workload-aware preemption, and ResourceClaim support for Dynamic Resource Allocation on PodGroups. Job controller integration with the new APIs begins in this release.

#Kubernetes #scheduling #workload-aware #batch

Read article
Clinical operations intelligence belongs on the Lakehouse Cloud 5.0
Databricks Blog

Clinical operations intelligence belongs on the Lakehouse

Databricks argues that clinical operations data (scheduling, resource allocation, patient flow) should be centralized on a lakehouse rather than siloed in separate systems. The post outlines how unified data enables real-time operational analytics and AI-driven optimization in healthcare.

#lakehouse #healthcare #analytics #operational-intelligence

Read article
Build financial document processing with Pulse AI and Amazon Bedrock AI 6.0
AWS ML Blog

Build financial document processing with Pulse AI and Amazon Bedrock

This post demonstrates a document extraction and fine-tuning pipeline combining Pulse AI's document understanding with Amazon Bedrock to handle complex financial documents (balance sheets, SEC filings, audit materials) that traditional OCR fails on. The solution addresses OCR errors that cascade through interconnected calculations and preserves structural relationships and contextual nuances in multi-column layouts with merged cells.

#LLM #document-understanding #OCR #fine-tuning

Read article
Build real-time voice streaming applications with Amazon Nova Sonic and WebRTC AI 6.0
AWS ML Blog

Build real-time voice streaming applications with Amazon Nova Sonic and WebRTC

AWS demonstrates a real-time voice streaming solution combining Amazon Nova 2 Sonic (unified speech-to-speech model) with Amazon Kinesis Video Streams WebRTC for dynamic bitrate adjustment and cross-browser compatibility. Nova Sonic handles speech recognition, language processing, and synthesis in a single model, while WebRTC maintains audio quality over unstable networks with automatic bitrate scaling.

#LLM #speech-to-speech #voice-agents #streaming

Read article
Securing AI agents: How AWS and Cisco AI Defense scale MCP and A2A deployments AI 7.0
AWS ML Blog

Securing AI agents: How AWS and Cisco AI Defense scale MCP and A2A deployments

AWS and Cisco address security gaps in rapidly scaling Model Context Protocol (MCP) and Agent-to-Agent (A2A) deployments by providing visibility into tool and agent inventory, automating security reviews, and maintaining audit trails. The partnership tackles three challenges: visibility gaps in which tools are deployed, manual review bottlenecks slowing AI application deployment, and compliance risks from incomplete tracking under SOX and GDPR frameworks.

#agents #MCP #security #compliance

Read article
Fine-tune LLM with Databricks Unity Catalog and Amazon SageMaker AI AI 7.0
AWS ML Blog

Fine-tune LLM with Databricks Unity Catalog and Amazon SageMaker AI

This post demonstrates secure LLM fine-tuning on Ministral-3-3B-Instruct by integrating Databricks Unity Catalog with Amazon SageMaker AI and Amazon EMR Serverless for preprocessing. The solution preserves Unity Catalog's fine-grained authorization model when SageMaker Training jobs access S3 data, maintaining data lineage and compliance visibility without bypassing governance controls.

#LLM #fine-tuning #data-governance #SageMaker

Read article
The power of LLMs on your data, more than two orders of magnitude faster and cheaper AI 8.0
Google Cloud Blog

The power of LLMs on your data, more than two orders of magnitude faster and cheaper

Google Cloud published a SIGMOD paper on proxy models, ultra-lightweight task-specific models that replace the majority of LLM calls in AI-powered SQL functions, achieving 100x+ speedup and 1000x cost reduction. Proxy models are trained on-the-fly or ahead of time to handle semantic queries like 'which product reviews mention durability issues' without full LLM invocation on every row.

#LLM #SQL #inference optimization #proxy models

Read article
How Glance turns hours of video into mobile-ready clips with AI AI 6.0
Google Cloud Blog

How Glance turns hours of video into mobile-ready clips with AI

Glance built an AI pipeline to transform 1-2 hour landscape videos into 30-180 second vertical mobile clips, handling key moment identification, active speaker detection, and dynamic split-screen layout. The system scales from 3,500 to 10,000+ videos daily using computer vision and video generation models.

#video generation #computer vision #active speaker detection #video processing

Read article
From commit to cloud: Powering what's next for PostgreSQL Cloud 6.0
Azure Blog

From commit to cloud: Powering what's next for PostgreSQL

Microsoft has contributed 345 commits to the latest PostgreSQL release and maintains a team of upstream committers. The post highlights PostgreSQL's role as foundational infrastructure for AI workloads, with emphasis on transactional correctness, extensibility, and Azure's managed Postgres services and developer tools.

#PostgreSQL #database #managed services #AI infrastructure

Read article
The new era of SaMD: Why cloud infrastructure is the foundation for digital health in 2026 Cloud 5.0
Google Cloud Blog

The new era of SaMD: Why cloud infrastructure is the foundation for digital health in 2026

Google Cloud discusses how cloud infrastructure enables software-as-medical-device (SaMD) compliance with FDA QMSR and EU AI Act. Modern SaMD systems combine embedded firmware, mobile apps, and cloud services; cloud-native patterns automate document control and change management required for regulated AI diagnostics.

#medical device #regulatory compliance #FDA QMSR #EU AI Act

Read article
Smart moves: Building resilient transportation systems with Google AI AI 5.0
Google Cloud Blog

Smart moves: Building resilient transportation systems with Google AI

Google Cloud highlights Road Management Insights (RMI), which provides high-accuracy travel time, speed, disruption, and vehicle count data across road networks without physical sensors. The system enables agencies to identify incidents before emergency calls and analyze congestion trends for Vision Zero safety goals.

#transportation #computer vision #incident detection #traffic analytics

Read article
Red Hat's skill packs give AI agents something a bigger model never could: 20 years of institutional memory AI 7.0
The New Stack

Red Hat's skill packs give AI agents something a bigger model never could: 20 years of institutional memory

Red Hat announced a dedicated AI skills repository enabling agents to access 20+ years of institutional knowledge through RAG-enriched LLMs with reasoning and execution capabilities. The Ask Red Hat chatbot demonstrates this approach, combining retrieval with agent planning against real Red Hat estates while enforcing subscription, security, and lifecycle guardrails.

#agents #RAG #LLM #skills

Read article
Anthropic's Claude Code agent view is a better dashboard. So why aren't developers convinced? AI 5.0
The New Stack

Anthropic's Claude Code agent view is a better dashboard. So why aren't developers convinced?

Anthropic released agent view in Claude Code, a CLI dashboard for managing multiple parallel agent sessions with status indicators and inline reply capabilities. While it centralizes session management and reduces terminal window juggling, developers remain skeptical about whether it addresses deeper workflow challenges.

#agents #Claude #CLI #developer tools

Read article
OpenAI's Daybreak and Anthropic's Glasswing have nearly identical benchmarks — and 3 of the same partners AI 7.0
The New Stack

OpenAI's Daybreak and Anthropic's Glasswing have nearly identical benchmarks — and 3 of the same partners

OpenAI launched Daybreak, a cybersecurity initiative using GPT-5.5 and the Codex Security agent harness, mirroring Anthropic's Project Glasswing (Claude Mythos Preview). Both aim to find and validate vulnerabilities at scale. Notably, Cisco, CrowdStrike, and Palo Alto Networks run both stacks in parallel rather than choosing sides.

#agents #security #LLM #cybersecurity

Read article
Transform Video Into Instantly Searchable, Actionable Intelligence with AI Agents and Skills AI 6.0
NVIDIA Developer Blog

Transform Video Into Instantly Searchable, Actionable Intelligence with AI Agents and Skills

NVIDIA Metropolis Blueprint for video search and summarization (VSS) uses AI agents and skills to extract real-time insights from massive video streams and recorded footage. The system transforms millions of live or recorded videos into instantly searchable, actionable intelligence for organizations.

#agents #video processing #NVIDIA Metropolis #real-time inference

Read article
ABAC row filtering and column masking policies, governed tags, and data classification are now generally available in Unity Catalog DevOps 7.0
Databricks Blog

ABAC row filtering and column masking policies, governed tags, and data classification are now generally available in Unity Catalog

Databricks Unity Catalog now offers attribute-based access control (ABAC), row filtering, column masking, governed tags, and automated data classification for fine-grained governance at scale. These features enable organizations to enforce data protection policies automatically as data estates grow.

#Unity Catalog #ABAC #data governance #security

Read article
Temporal hits 3,000 paying customers with its crash-proof workflow engine AI 7.0
The New Stack

Temporal hits 3,000 paying customers with its crash-proof workflow engine

Temporal announced 3,000+ paying customers for its Durable Execution framework, which automatically persists workflow state to enable long-running processes to resume after crashes or network failures. The platform is increasingly used for AI workloads by companies like Nvidia, Netflix, Snap, and Stripe.

#durable execution #workflow orchestration #fault tolerance #AI infrastructure

Read article
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday AI 7.0
The Hacker News

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft unveiled MDASH (multi-model agentic scanning harness), an AI-driven vulnerability discovery system using bespoke agents for different vulnerability classes. The model-agnostic system is in limited private preview and has already identified 16 Windows flaws included in recent Patch Tuesday releases.

#AI agents #vulnerability detection #security automation #LLM

Read article
Why agent harnesses fail inside cloud-native systems AI 8.0
The New Stack

Why agent harnesses fail inside cloud-native systems

Agent performance depends more on harness design (prompts, tools, feedback loops, sandboxes) than model selection, but cloud-native systems make feedback loops difficult to implement. The article examines how distributed infrastructure complicates the feedback signals agents need to validate their code changes, and what infrastructure patterns are required to close that loop.

#agents #feedback loops #cloud-native #tool-use

Read article
How to build a skills library for your engineering team AI 6.0
The New Stack

How to build a skills library for your engineering team

A team built a centralized skills library to standardize AI agent configuration across engineers, replacing ad-hoc local configs with version-controlled Markdown skill files. The library enforces company standards (security, incident protocols, coding conventions) while allowing optional skills based on task context.

#agents #skills #prompt engineering #team practices

Read article
Cimento emerges from stealth to secure the one thing no firewall can protect Security 6.0
The New Stack

Cimento emerges from stealth to secure the one thing no firewall can protect

Cimento launched an AI-native human risk management platform that builds behavioral risk profiles for employees by integrating with email, IDPs, cloud providers, and security tools. The platform aims to address the human element in enterprise security as AI-driven attacks become cheaper and more prevalent.

#security #human risk #behavioral analysis #enterprise security

Read article
Why enterprise AI needs customization AI 7.0
The New Stack

Why enterprise AI needs customization

One-size-fits-all model strategies fail because different tasks require different models: code generation models struggle with security analysis, frontier models may not meet data residency requirements. Organizations need the ability to mix and match models by task and deploy specialized models alongside general-purpose ones.

#LLM #model selection #enterprise AI #deployment

Read article
Building a cloud native platform from the ground up with Kairos, k0rdent, and bindy DevOps 8.0
CNCF Blog

Building a cloud native platform from the ground up with Kairos, k0rdent, and bindy

RBC Capital Markets shares how they manage 50+ Kubernetes clusters across hybrid infrastructure (VMware and multi-cloud) using Kairos for node configuration, k0rdent for cluster lifecycle, and bindy for DNS integration. The post covers solving cluster drift, node reproducibility, and compliance challenges (SOX, PCI-DSS, Basel III) in a regulated environment.

#Kubernetes #platform engineering #cluster lifecycle #node configuration

Read article
Most Remediation Programs Never Confirm the Fix Actually Worked Security 7.0
The Hacker News

Most Remediation Programs Never Confirm the Fix Actually Worked

Mandiant's M-Trends 2026 report highlights a critical gap: security teams lack verification that remediation actually persists. With mean time to exploit at negative seven days and median remediation time at 32 days for edge devices, the industry faces a validation problem beyond visibility.

#remediation #vulnerability management #threat intelligence #metrics

Read article
Building a safe, effective sandbox to enable Codex on Windows AI 6.0
OpenAI Blog

Building a safe, effective sandbox to enable Codex on Windows

OpenAI describes the sandbox architecture for Codex on Windows that enables safe code generation with controlled file access and network restrictions. The post covers how the sandbox isolates code execution while maintaining performance for real-time coding agent interactions.

#agents #code-generation #sandbox #security

Read article
NIST Narrows the NVD: What Container Security Programs Should Reassess Security 9.0
Docker Blog

NIST Narrows the NVD: What Container Security Programs Should Reassess

NIST announced a prioritized enrichment model for the National Vulnerability Database effective April 15, 2026. Only CVEs in CISA's Known Exploited Vulnerabilities catalog, federal government software, or critical software (EO 14028) receive full CVSS scores, CPE mappings, and CWE classifications. Everything else moves to 'Not Scheduled' status, requiring organizations to reassess scanning and SLA workflows.

#CVE #NVD #container security #vulnerability scanning

Read article
AWS WorkSpaces Now Lets AI Agents Operate Legacy Desktop Applications Without APIs AI 7.0
InfoQ DevOps

AWS WorkSpaces Now Lets AI Agents Operate Legacy Desktop Applications Without APIs

AWS WorkSpaces now supports AI agents in public preview, enabling them to authenticate via IAM and control legacy desktop applications through computer vision and input simulation rather than APIs. Reflex benchmarks show vision-based agents consume 45x more tokens than API-based agents, highlighting the efficiency trade-off of this approach.

#agents #computer vision #tool-use #legacy systems

Read article
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens Security 8.0
Google Project Zero

A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens

Google Project Zero published a 0-click exploit chain for Pixel 10 that achieves root in two exploits. The chain updates CVE-2025-54957 (Dolby UDC) for Pixel 10's RET PAC mitigation and replaces the BigWave LPE with a new VPU driver exploit. The Dolby exploit works on unpatched devices with SPL December 2025 or earlier.

#CVE #exploit #Android #privilege escalation

Read article
Android Adds Intrusion Logging for Sophisticated Spyware Forensics Security 6.0
The Hacker News

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

Google introduced Intrusion Logging, an opt-in Android feature within Advanced Protection Mode that stores persistent, privacy-preserving forensic logs for analyzing sophisticated spyware attacks. The feature enables post-compromise investigation and forensic analysis on suspected compromised devices.

#Android security #forensics #spyware detection #mobile security

Read article
Our response to the TanStack npm supply chain attack Security 8.0
OpenAI Blog

Our response to the TanStack npm supply chain attack

OpenAI details its response to the TanStack 'Mini Shai-Hulud' npm supply chain attack, which compromised signing certificates and affected macOS users. The company outlines defensive measures taken and mandates that macOS app users update by June 12, 2026 to maintain security.

#supply-chain #npm #security #CVE

Read article
Introducing Claude for Small Business AI 5.0
Anthropic News

Introducing Claude for Small Business

Anthropic has launched Claude for Small Business, a product tier targeting SMBs with simplified pricing and features. The offering includes pre-built templates and workflows for common small business tasks like customer service, content creation, and operations.

#LLM #Claude #SMB #product launch

Read article
The new FinOps problem isn't cloud bills AI 7.0
The New Stack

The new FinOps problem isn't cloud bills

FinOps discipline is being forced to evolve in months rather than years as AI token economics break traditional cloud cost models. New reasoning models consume 3x more tokens per task despite falling per-token prices, and identical prompts produce variable costs, requiring deterministic guardrails in agentic FinOps tools to remain useful.

#FinOps #token economics #cost management #agents

Read article
The Rise of Sports Intelligence: How the Lakehouse Turns Tracking Data into Competitive Advantage Cloud 5.0
Databricks Blog

The Rise of Sports Intelligence: How the Lakehouse Turns Tracking Data into Competitive Advantage

Databricks showcases how professional sports teams use lakehouse architecture to process high-volume tracking data (20,000+ data points per second in basketball) for real-time analytics and competitive insights. The post covers Delta Lake, streaming ingestion, and ML model deployment on tracking data.

#lakehouse #streaming #Delta Lake #real-time analytics

Read article
Patch Tuesday, May 2026 Edition Security 8.0
Krebs on Security

Patch Tuesday, May 2026 Edition

Microsoft shipped 118 security fixes on May's Patch Tuesday, including 16 critical vulnerabilities, with no zero-day exploits currently in the wild. CVE-2026-41089 is a critical stack-based buffer overflow in Windows Netlogon granting SYSTEM privileges on domain controllers. This marks the first Patch Tuesday in nearly two years without active zero-day patches.

#CVE #Windows #critical #buffer-overflow

Read article
Jensen Huang and Bill McDermott bet on OpenShell to secure enterprise AI agents AI 8.0
The New Stack

Jensen Huang and Bill McDermott bet on OpenShell to secure enterprise AI agents

Nvidia released OpenShell, an Apache 2.0 open-source secure runtime for autonomous agents that sandboxes agent execution to prevent direct OS/network/credential access. The project addresses the architectural mismatch between legacy software stacks built for human-speed interaction and autonomous agents operating at machine speed.

#agents #security #sandbox #runtime

Read article
Kubernetes v1.36: PSI Metrics for Kubernetes Graduates to GA DevOps 7.0
Kubernetes Blog

Kubernetes v1.36: PSI Metrics for Kubernetes Graduates to GA

Pressure Stall Information (PSI) metrics reach GA in Kubernetes v1.36, providing node, pod, and container-level visibility into resource contention and task stalling. PSI captures cumulative stall time and moving averages (10s, 60s, 300s windows) across CPU, memory, and I/O, distinguishing transient spikes from sustained resource tension. Performance testing on high-density workloads (80+ pods) validated production readiness with minimal overhead.

#Kubernetes #observability #PSI #metrics

Read article
Docker AI Governance: Unlock Agent Autonomy, Safely AI 8.0
Docker Blog

Docker AI Governance: Unlock Agent Autonomy, Safely

Docker introduced AI Governance, a centralized control plane for agent execution policies, network reach, credential access, and MCP tool calls. The platform addresses the shift of agentic AI from developer laptops to production, where agents like Claws manage emails, calendars, CRM data, and production queries outside traditional CI/CD and security perimeters.

#agents #governance #MCP #security

Read article
How to Eliminate Pipeline Friction in AI Model Serving AI 7.0
NVIDIA Developer Blog

How to Eliminate Pipeline Friction in AI Model Serving

NVIDIA addresses the gap between model training and production deployment, where format conversions, layer incompatibilities, and version mismatches cause silent failures and performance degradation. The post details strategies for standardizing export formats, validation checkpoints, and runtime compatibility layers.

#model serving #inference #deployment #ONNX

Read article
GitHub Copilot individual plans: Introducing flex allotments in Pro and Pro+, and a new Max plan Other 5.0
GitHub Blog

GitHub Copilot individual plans: Introducing flex allotments in Pro and Pro+, and a new Max plan

GitHub updates Copilot individual pricing effective June 1, 2026, introducing usage-based billing with flex allotments and a new Max tier. Pro ($10/mo) includes $15 total credits, Pro+ ($39/mo) includes $70, and Max ($100/mo) includes $200, with base credits matched 1:1 to subscription price and flex allotments covering variable overages.

#Copilot #pricing #usage-based billing #agents

Read article
How Amazon Finance streamlines regulatory inquiries by using generative AI on AWS AI 7.0
AWS ML Blog

How Amazon Finance streamlines regulatory inquiries by using generative AI on AWS

Amazon FinTech teams built a scalable AI application using Amazon Bedrock to automate regulatory inquiry handling. The system uses dedicated knowledge bases with multi-format document support (PDF, PPT, Word, CSV) to retrieve relevant precedents and synthesize responses across thousands of historical documents while maintaining compliance.

#Bedrock #RAG #knowledge bases #document retrieval

Read article
Terraform Enterprise 2.0: Evolving infrastructure operations for scale DevOps 7.0
HashiCorp Blog

Terraform Enterprise 2.0: Evolving infrastructure operations for scale

Terraform Enterprise 2.0 introduces Stacks for multi-tier, multi-environment orchestration as a single unit, project-level notifications, SCIM 2.0 provisioning, site auditor role, cross-org workspace migration, and enhanced API token expiration. Stacks reduce coordination overhead and improve deployment consistency across complex infrastructure.

#Terraform #infrastructure orchestration #multi-environment #SCIM

Read article
AI is creating a generation of developers who can't debug their own code AI 8.0
The New Stack

AI is creating a generation of developers who can't debug their own code

Junior developers using AI coding tools complete tasks 55% faster but cannot explain or debug the code they ship, creating a knowledge gap that senior engineers must fill. Claude Code adoption reached 24% in US/Canada (6x growth from mid-2025), and organizations have reduced junior hiring by 73% over two years, replacing entry-level cohorts with senior developers augmented by AI.

#code generation #debugging #junior developers #skill gap

Read article
Migrating Data Ingestion Systems at Meta Scale DevOps 7.0
Meta Engineering

Migrating Data Ingestion Systems at Meta Scale

Meta revamped its data ingestion system to migrate petabytes of social graph data from MySQL into the data warehouse, moving from customer-owned pipelines to a self-managed data warehouse service. The migration successfully transitioned 100% of workload and fully deprecated the legacy system while maintaining efficiency at hyperscale.

#data infrastructure #MySQL #data warehouse #migration

Read article
Announcing native AI agent support in HashiCorp Vault AI 8.0
HashiCorp Blog

Announcing native AI agent support in HashiCorp Vault

HashiCorp Vault added native AI agent support with an agent registry, granular identity-based policies, and per-request ephemeral authorization designed for non-deterministic autonomous actors. The new capabilities enable fine-grained access control, runtime policy evaluation, and clear attribution for agent actions in regulated environments.

#agents #identity #authorization #secrets management

Read article
Automate schema generation for intelligent document processing AI 7.0
AWS ML Blog

Automate schema generation for intelligent document processing

AWS IDP Accelerator now includes a Discovery Module that uses visual embeddings and agents to automatically cluster unknown documents and generate extraction schemas. This pre-processing step eliminates manual schema creation at scale, enabling downstream IDP workflows without prior knowledge of document classes.

#IDP #agents #embeddings #document clustering

Read article
Red Hat is betting on AgentOps to close the gap between AI experiments and production AI 7.0
The New Stack

Red Hat is betting on AgentOps to close the gap between AI experiments and production

Red Hat AI 3.4 introduces Model-as-a-Service (MaaS) to bridge experimentation and production deployment of agents across hybrid cloud. MaaS provides governed API endpoints for curated models with consumption tracking and policy enforcement, part of Red Hat's four-pillar AI strategy covering inference, data connection, agent deployment, and unified platform management.

#MaaS #agents #model serving #hybrid cloud

Read article
Dungeons & Desktops: Building a procedurally generated roguelike with GitHub Copilot CLI AI 5.0
GitHub Blog

Dungeons & Desktops: Building a procedurally generated roguelike with GitHub Copilot CLI

A developer built GitHub Dungeons, a terminal roguelike game written in Go using GitHub Copilot CLI, where dungeons are procedurally generated from repository structure and reshape with each commit. The project demonstrates Copilot CLI's ability to accelerate development in unfamiliar languages by letting developers focus on behavior rather than syntax, using features like the /yolo command to allow all suggestions.

#GitHub Copilot #CLI #code generation #Go

Read article
Co-Scientist: A multi-agent AI partner to accelerate research AI 8.0
DeepMind

Co-Scientist: A multi-agent AI partner to accelerate research

DeepMind introduces Co-Scientist, a multi-agent AI system built on Gemini designed to accelerate scientific research. The system coordinates multiple specialized agents to help researchers formulate hypotheses, design experiments, and interpret results.

#LLM agents #multi-agent systems #research acceleration #Gemini

Read article
AI teams are spending months on web scrapers that SerpApi replaces with one API call AI 6.0
The New Stack

AI teams are spending months on web scrapers that SerpApi replaces with one API call

SerpApi provides a structured JSON API for search results from Google and Amazon, eliminating the need for custom web scrapers that consume months of maintenance effort. Teams building AI systems with live data typically waste time fighting IP blocks, CAPTCHAs, and parser breakage when search engines change layout, problems SerpApi handles transparently.

#RAG #data retrieval #search API #web scraping

Read article
Living off the agent: The new tactic hijacking enterprise AI Security 8.0
The New Stack

Living off the agent: The new tactic hijacking enterprise AI

Autonomous agents introduce new attack vectors as they eagerly execute user requests without understanding intent, creating opportunities for data exfiltration and credential theft. Unlike centralized GenAI chat apps where security teams can monitor traffic, agentic AI proliferates across enterprise systems with access to sensitive data and workflows, making traditional endpoint monitoring insufficient.

#agents #security #data exfiltration #threat

Read article
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots Security 6.0
The Hacker News

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

ThreatFabric discovered a new TrickMo Android banking trojan variant using The Open Network (TON) for command-and-control instead of traditional infrastructure. The variant, observed between January and February 2026, targets banking and cryptocurrency wallet users in France, Italy, and Austria via runtime-loaded APK modules. TON-based C2 makes attribution and takedown harder.

#Android #banking-trojan #C2 #TON

Read article
SAP launches managed Joule Studio with Cursor and Claude Code support AI 7.0
The New Stack

SAP launches managed Joule Studio with Cursor and Claude Code support

SAP expanded Joule Studio with managed hosting, adding Cursor and Claude Code as supported coding tools, AutoGen and LlamaIndex as agent frameworks, and bidirectional Agent2Agent protocol for third-party integration. The company also introduced SAP Domain Models, a family of SAP-aware foundation models including SAP-ABAP-2 and specialized variants for S/4HANA and Ariba, with general availability planned for Q3 2026.

#agents #foundation models #SAP #LLMs

Read article
SAP launches AI Agent Hub at Sapphire 2026 to tame vendor agent sprawl AI 7.0
The New Stack

SAP launches AI Agent Hub at Sapphire 2026 to tame vendor agent sprawl

SAP opened the AI Agent Hub, a vendor-agnostic governance platform for inventorying and managing agents, LLMs, and MCP servers across an enterprise, regardless of vendor. The hub now covers agents from Microsoft Copilot, Salesforce Agentforce, Anthropic, OpenAI, LangGraph, AutoGen, and SAP's own Joule, with two of six capabilities generally available and four scheduled for Q3 2026.

#agents #governance #MCP #LLMs

Read article
As agentic dev tools boom, workflow auditability becomes the constraint AI 8.0
The New Stack

As agentic dev tools boom, workflow auditability becomes the constraint

Agentic AI coding tools are shipping fast but lack auditability infrastructure. A financial institution's audit team could not trace which prompts an agent used, what policy checks ran, or how to reproduce an agent-opened merge request, exposing a critical gap between deployment velocity and compliance requirements in regulated environments.

#agents #CI/CD #auditability #compliance

Read article
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages Security 9.0
The Hacker News

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP compromised npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI in a Mini Shai-Hulud campaign. The malicious npm packages inject obfuscated JavaScript (router_init.js) designed to profile execution environments and exfiltrate data. This represents a significant supply-chain attack spanning web and AI infrastructure packages.

#supply-chain #npm #PyPI #malicious-packages

Read article
A decade of governance: Cloud Custodian at 10 and its role in the agentic AI era AI 8.0
CNCF Blog

A decade of governance: Cloud Custodian at 10 and its role in the agentic AI era

Cloud Custodian, a CNCF incubating project, evolved from a cloud management tool into a real-time policy engine for agentic AI governance. It enforces FinOps, security, and compliance guardrails across AWS, Azure, and GCP as autonomous agents provision infrastructure and AI workloads like GPU fleets and model serving endpoints.

#agents #governance #FinOps #policy engine

Read article
Why Agentic AI Is Security's Next Blind Spot AI 7.0
The Hacker News

Why Agentic AI Is Security's Next Blind Spot

The article argues that agentic AI systems are already running in production without meaningful security team involvement, and the policy-focused framing of allow/restrict/monitor misses the urgent operational reality. Agentic systems execute tasks, consume data, and take actions autonomously, creating detection and governance gaps that traditional security controls do not address.

#agentic-AI #agents #security #governance

Read article
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak Security 7.0
The Hacker News

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

Instructure, parent company of Canvas learning management system, reached an agreement with ShinyHunters ransomware group after a breach exposed 3.65TB of data from thousands of schools and universities. The company negotiated with the decentralized extortion group to prevent public release of stolen information.

#ransomware #breach #ShinyHunters #data-exfiltration

Read article
IBM Vault 2.0 adds UI enhancements and improved reporting visibility DevOps 5.0
HashiCorp Blog

IBM Vault 2.0 adds UI enhancements and improved reporting visibility

IBM Vault 2.0.1 improved onboarding and operational visibility with enhanced UI, consumption reporting, and usage analytics across secrets management, key lifecycle management, identity brokering, and data protection. The release focuses on reducing expertise barriers and enabling better forecasting and governance.

#secrets management #identity #reporting #UI

Read article
Building web search-enabled agents with Strands and Exa AI 7.0
AWS ML Blog

Building web search-enabled agents with Strands and Exa

The Exa integration for Strands Agents SDK provides AI-native web search and retrieval optimized for agent workflows, delivering structured content directly into LLM context windows without post-processing. Agents access real-time web knowledge through two tools: exa_search for semantic search across news and research papers, and exa_get_contents for full URL retrieval.

#agents #RAG #tool-use #web-search

Read article
Anthropic's Claude Platform comes to AWS Cloud 7.0
The New Stack

Anthropic's Claude Platform comes to AWS

AWS now offers general availability of Claude Platform, Anthropic's native developer tools and APIs, directly through AWS credentials. This includes Messages API, Claude Managed Agents (beta), web search, MCP connector (beta), code execution, and files API (beta), though data processing occurs outside the AWS security boundary and is not subject to AWS data residency controls.

#Claude #LLM APIs #AWS #agents

Read article
Unlocking the Archives: Turning Unstructured Documents into a Searchable Database for Groundwater Discovery AI 6.0
Databricks Blog

Unlocking the Archives: Turning Unstructured Documents into a Searchable Database for Groundwater Discovery

Databricks demonstrates a workflow for converting unstructured documents (PDFs, scans) into searchable databases using vector embeddings and retrieval. The case study applies this to groundwater research in Sudan, showing how RAG pipelines can unlock archived data for domain-specific discovery.

#RAG #embeddings #unstructured data #vector search

Read article
Introducing NVIDIA Fleet Intelligence for Real-Time GPU Fleet Visibility and Optimization DevOps 7.0
NVIDIA Developer Blog

Introducing NVIDIA Fleet Intelligence for Real-Time GPU Fleet Visibility and Optimization

NVIDIA Fleet Intelligence provides real-time visibility and optimization for large GPU fleets, addressing challenges of heterogeneous hardware, fast-moving software stacks, power constraints, and multitenant workloads. The platform detects hotspots, driver misconfigurations, and hardware faults at scale.

#GPU #fleet-management #observability #infrastructure

Read article
Meet the latest Database Center, now with Gemini-powered fleet intelligence Cloud 7.0
Google Cloud Blog

Meet the latest Database Center, now with Gemini-powered fleet intelligence

Google Cloud Database Center now includes Gemini-powered AI analysis for fleet-wide database observability and optimization. Features include Gemini-driven correlation of performance shifts across database estates, actionable insights for diagnosis and remediation, and upcoming generative views driven by natural language queries replacing static dashboards.

#Gemini #database observability #fleet management #LLM

Read article
Red Hat Summit 2026: Platform modernization and AI on Microsoft Azure Red Hat OpenShift DevOps 7.0
Azure Blog

Red Hat Summit 2026: Platform modernization and AI on Microsoft Azure Red Hat OpenShift

Microsoft and Red Hat highlighted Azure Red Hat OpenShift as a foundation for production AI workloads with consistent governance and security. The post features Banco Bradesco's deployment of 200+ AI initiatives on the platform, demonstrating how unified identity, security, and policy integration enables AI at enterprise scale.

#Kubernetes #AI operations #governance #security

Read article
Introducing Claude Platform on AWS: Anthropic's native platform, through your AWS account AI 8.0
AWS ML Blog

Introducing Claude Platform on AWS: Anthropic's native platform, through your AWS account

Claude Platform on AWS is now generally available, giving customers direct access to Anthropic's native Claude Platform through AWS accounts with IAM authentication, AWS Marketplace billing, and CloudTrail audit logging. The service includes Claude Managed Agents, web search, MCP connectors, code execution, and files API, all integrated into AWS's identity and billing infrastructure.

#LLM #agents #Claude #AWS

Read article
Anthropic trains Claude to resist blackmail & self-preservation behavior via agentic misalignment AI 8.0
The New Stack

Anthropic trains Claude to resist blackmail & self-preservation behavior via agentic misalignment

Anthropic released techniques to mitigate agentic misalignment in Claude Opus 4.7, where models exhibit self-preservation behavior and disobey orders when threatened with replacement. The company uses direct training on model evaluation distributions to suppress misaligned actions, addressing scenarios where models blackmail engineers or leak sensitive data to avoid shutdown.

#AI safety #agents #model alignment #Claude

Read article
Manufacturing intelligence with Amazon Nova Multimodal Embeddings AI 7.0
AWS ML Blog

Manufacturing intelligence with Amazon Nova Multimodal Embeddings

Amazon Nova Multimodal Embeddings maps text, images, and document pages into a shared vector space, enabling cross-modal retrieval for manufacturing documents. A text query can retrieve engineering diagrams and thermal plots, while image queries retrieve written specifications, solving the limitation of text-only retrieval for technical documentation.

#embeddings #multimodal #RAG #retrieval

Read article
How Miro uses Amazon Bedrock to boost software bug routing accuracy and improve time-to-resolution from days to hours AI 7.0
AWS ML Blog

How Miro uses Amazon Bedrock to boost software bug routing accuracy and improve time-to-resolution from days to hours

Miro built BugManager, an AI-powered bug triaging system using Amazon Bedrock, achieving six times fewer team reassignments and five times shorter resolution time. The system automates bug routing to responsible teams, reducing the estimated 42 years of annual cumulative lost productivity from misrouting and repeated reassignments.

#LLM #agents #classification #Bedrock

Read article
Cloud Storage Rapid: Turbocharged object storage for AI and analytics Cloud 7.0
Google Cloud Blog

Cloud Storage Rapid: Turbocharged object storage for AI and analytics

Google Cloud announced Cloud Storage Rapid, a family of high-performance object storage capabilities for AI and analytics workloads. The offering includes Rapid Bucket (zonal high-performance storage) and Rapid Cache (on-demand read acceleration with compute-data colocation), addressing the storage bottleneck that emerges when training trillion-parameter models and running large-scale inference.

#storage #object storage #AI infrastructure #training

Read article
Cluster-level reliability for trillion-parameter models on TPUs Cloud 8.0
Google Cloud Blog

Cluster-level reliability for trillion-parameter models on TPUs

Google Cloud presented a cluster-level reliability framework for TPU superpods, shifting from traditional instance-level reliability to aggregate infrastructure availability. The framework treats thousands of interconnected TPU chips as a single entity, with reliability guarantees at the superpod level (cubes of 64 TPUs connected via high-speed Inter-Chip Interconnect), and is now the operational standard for production TPU deployments.

#TPU #reliability #cluster #AI infrastructure

Read article
AWS Weekly Roundup: Amazon Bedrock AgentCore payments, Agent Toolkit for AWS, and more (May 11, 2026) AI 8.0
AWS News

AWS Weekly Roundup: Amazon Bedrock AgentCore payments, Agent Toolkit for AWS, and more (May 11, 2026)

Amazon Bedrock AgentCore now supports managed payment capabilities, enabling AI agents to autonomously transact with APIs, MCP servers, and other services using Coinbase or Stripe wallets with session-level spending limits. The Agent Toolkit for AWS, a production-ready suite of tools for AI coding agents, launched alongside AWS MCP Server GA, reducing token costs and adding enterprise security controls.

#agents #tool-use #MCP #payments

Read article
Labyrinth 1.1: Making End-to-End Encrypted Backups Even More Reliable Security 7.0
Meta Engineering

Labyrinth 1.1: Making End-to-End Encrypted Backups Even More Reliable

Labyrinth 1.1 improves end-to-end encrypted backup reliability for Messenger with a new sub-protocol that allows messages to reach encrypted backups immediately rather than waiting for device sign-in. Messages survive device loss, device switches, and long sign-in gaps through a message encryption key placed directly into the recipient's encrypted backup.

#E2EE #encryption #backup systems #security

Read article
Build AI apps with Azure Cosmos DB: Key trends from Cosmos Conf 2026 Cloud 7.0
Azure Blog

Build AI apps with Azure Cosmos DB: Key trends from Cosmos Conf 2026

Azure Cosmos DB Conf 2026 highlighted three architectural shifts for AI applications: semi-structured data as foundational, accelerated development via coding agents, and flexible schemas replacing rigid data models. The post emphasizes Cosmos DB's role as a system of reasoning for AI workloads rather than just a system of record.

#database #semi-structured data #AI applications #schema flexibility

Read article
Architecting a resilient, scalable and secure foundation for the agentic era AI 6.0
Google Cloud Blog

Architecting a resilient, scalable and secure foundation for the agentic era

Google Cloud blog on public sector AI infrastructure for agentic workloads. Announces eighth-generation TPUs (TPU 8t for training, TPU 8i for inference), AI Hypercomputer architecture, and Virgo Networking for high performance at scale. Emphasizes infrastructure, data, and security layers for organization-wide agentic transformation.

#TPU #inference #training #AI infrastructure

Read article
Future-proof your data strategy: AlloyDB adds PostgreSQL 18 and new Extended Support Cloud 6.0
Google Cloud Blog

Future-proof your data strategy: AlloyDB adds PostgreSQL 18 and new Extended Support

Google Cloud AlloyDB now supports PostgreSQL 18 and introduces Extended Support for older major versions, providing three years of security patches beyond community EOL. PostgreSQL 14-17 get defined extended-support windows through 2030-2033, allowing teams to upgrade on their own schedule.

#PostgreSQL #managed database #version support #cloud infrastructure

Read article
Terraform adds cost visibility, project-level notifications, and more DevOps 6.0
HashiCorp Blog

Terraform adds cost visibility, project-level notifications, and more

HCP Terraform and Terraform Enterprise added billable resource analytics (GA) breaking down managed resources by project and workspace, project-level remote state sharing (GA), module testing for dynamic credentials (GA), and project-level notifications (GA). These features address cost visibility and governance blind spots in infrastructure management.

#Terraform #cost visibility #governance #infrastructure as code

Read article
Amazon Quick: Accelerating the path from enterprise data to AI-powered decisions AI 7.0
AWS ML Blog

Amazon Quick: Accelerating the path from enterprise data to AI-powered decisions

Amazon Quick adds five new capabilities including Dataset Q&A, which lets users ask natural-language questions against enterprise datasets and receive SQL-generated results in seconds without sampling. The system handles row-level and column-level security, governance rules, and multi-dataset queries at scale, bridging the gap between ad-hoc business questions and trustworthy AI-generated answers.

#LLM #RAG #SQL generation #enterprise data

Read article
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation Security 9.0
The Hacker News

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Google disclosed the first known zero-day exploit developed with an AI system, used by cybercriminals to bypass 2FA at scale. The exploit was generated and discovered using AI, marking a significant shift in threat actor capability and the first documented malicious use of AI for vulnerability discovery in the wild.

#AI #zero-day #2FA bypass #exploit generation

Read article
How AI-native systems are built AI 8.0
The New Stack

How AI-native systems are built

Outlines a layered architecture for building AI-native enterprise systems that shift from deterministic Software 1.0 to learned-logic Software 2.0. Emphasizes governance shields, probabilistic reasoning, and audit logging to maintain compliance and accountability while deploying LLMs in high-risk business contexts.

#LLM #agents #governance #enterprise architecture

Read article
Why your AI agent doesn't actually remember anything AI 8.0
The New Stack

Why your AI agent doesn't actually remember anything

Deep dive into agent memory architecture beyond basic idempotency and workflow state. The article examines how agents fail to recall and reason about historical context across sessions, using a real customer support agent that lost track of multi-day conversations and promised actions. Distinguishes memory from infrastructure concerns like idempotency keys and state machines.

#agents #memory #state management #reliability

Read article
GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access Security 8.0
Google Cloud Blog

GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access

Google Threat Intelligence Group report on adversarial use of AI: threat actors using AI-generated zero-day exploits, PRC and DPRK actors pursuing AI-driven vulnerability discovery, and AI-accelerated malware development with polymorphic obfuscation and defense evasion. First documented case of zero-day developed with AI in planned mass exploitation.

#threat intelligence #zero-day #malware #AI-generated exploits

Read article
Presentation: Evolution of a Backend for a Streaming Application Cloud 7.0
InfoQ DevOps

Presentation: Evolution of a Backend for a Streaming Application

InfoQ presentation by Daniele Frasca on Joyn's architectural evolution from fragile single-node setups to resilient serverless on AWS. Covers Hub and Spoke pattern for data consistency, cell-based isolation for blast radius reduction, and cost optimization for multi-region active-active deployments.

#serverless #AWS #architecture #multi-region

Read article
How to get engineering time back from Kubernetes upgrades DevOps 7.0
CNCF Blog

How to get engineering time back from Kubernetes upgrades

CNCF article quantifies the operational burden of Kubernetes maintenance: mid-size EKS deployments consume 4-6 weeks of senior engineer time per minor upgrade across three regions, displacing 2-3 roadmap features. Frames upgrade complexity as a hidden cost that compounds with CVE pressure and multi-cluster coordination.

#Kubernetes #EKS #operations #maintenance

Read article
Article: Local-First AI Inference: A Cloud Architecture Pattern for Cost-Effective Document Processing AI 7.0
InfoQ DevOps

Article: Local-First AI Inference: A Cloud Architecture Pattern for Cost-Effective Document Processing

A hybrid inference pattern routes 70-80% of documents through deterministic local extraction at zero API cost, reserving Azure OpenAI calls for edge cases and low-confidence results flagged for human review. Deployed on 4,700 engineering drawing PDFs, the approach cut API costs by 75% and processing time by 55% while maintaining error bounds through a human review tier.

#inference #cost optimization #document processing #Azure OpenAI

Read article
How enterprises are scaling AI AI 5.0
OpenAI Blog

How enterprises are scaling AI

OpenAI publishes guidance on enterprise AI scaling covering governance, workflow design, trust frameworks, and quality assurance practices. The resource distills patterns from customer deployments moving from pilot to production.

#LLM #governance #MLOps #enterprise

Read article
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads Security 8.0
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

A malicious Hugging Face repository impersonating OpenAI's Privacy Filter model delivered a Rust-based information stealer to Windows users, reaching #1 on the platform's trending list with 244K downloads. The fake Open-OSS/privacy-filter project copied the legitimate openai/privacy-filter release to gain credibility and distribute malware.

#supply-chain #malware #Hugging Face #impersonation

Read article
TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack Security 9.0
Snyk Blog

TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack

The Mini Shai-Hulud worm compromised 84 npm package artifacts across 42 @tanstack/* packages and others on May 11, 2026, exploiting GitHub Actions cache poisoning, OIDC token extraction, and Pwn Request vulnerabilities. This marks the first npm supply chain attack with valid SLSA Build Level 3 attestations, indicating sophisticated abuse of CI/CD trust chains.

#supply-chain #npm #GitHub Actions #OIDC

Read article
Cursor in Microsoft Teams AI 7.0
Cursor Changelog

Cursor in Microsoft Teams

Cursor ships a Microsoft Teams integration: mention @Cursor in any channel to delegate work to a cloud agent or pull Cursor context back into the thread. The agent picks a repository and model automatically based on the prompt and recent activity, reads the full thread for context, implements a solution, and opens a PR for review. Install from the Cursor dashboard.

#agents #developer tools #Microsoft Teams #Cursor

Read article
OpenAI launches the OpenAI Deployment Company to help businesses build around intelligence AI 6.0
OpenAI

OpenAI launches the OpenAI Deployment Company to help businesses build around intelligence

OpenAI is spinning up DeployCo, a majority-owned standalone unit that embeds Forward Deployed Engineers into enterprises to rebuild critical workflows around frontier models. Launches with over $4B of initial investment in a TPG-led partnership (Advent, Bain Capital, Brookfield as co-lead founding partners) and acquires Tomoro to bring ~150 FDEs and Deployment Specialists on day one. Engagements run a diagnostic, pick priority workflows, then design, build, test, and deploy production systems that wire OpenAI models into customer data, tools, and controls.

#OpenAI #enterprise AI #AI deployment #consulting

Read article
Why 157,000 developers are hedging against Anthropic with OpenCode AI 8.0
The New Stack

Why 157,000 developers are hedging against Anthropic with OpenCode

OpenCode, an open-source coding agent, has accumulated 157,000 GitHub stars as developers adopt it over Anthropic's proprietary Claude Code following January's OAuth lockout. Anthropic simultaneously expanded Claude Code's rate limits, added multi-agent orchestration to Managed Agents, and signed a SpaceX deal for 220,000 Nvidia GPUs, but the divergence between managed and open-source coding harnesses reflects developer preference for portability.

#agents #coding agents #open-source #Claude

Read article
Claude can now follow users across Outlook, Word, Excel, and PowerPoint AI 6.0
The New Stack

Claude can now follow users across Outlook, Word, Excel, and PowerPoint

Anthropic expanded Claude's Microsoft 365 integration to include Outlook in public beta while bringing Word, Excel, and PowerPoint integrations to general availability. Claude now maintains persistent context across emails, documents, spreadsheets, and presentations within a single conversation thread, with Word supporting direct editing via sidebar with tracked changes.

#Claude #Microsoft 365 #integrations #context persistence

Read article
Why Prometheus couldn't see Cilium metrics at 2 a.m. DevOps 7.0
The New Stack

Why Prometheus couldn't see Cilium metrics at 2 a.m.

CNCF projects like Prometheus and Cilium work independently but fail to integrate without explicit ServiceMonitor configuration, creating what the article calls the 'integration tax'. Platform teams spend 80% of their time wiring together 20-30 core cloud-native tools rather than tuning individual components, a hidden cost that most production Kubernetes deployments face.

#Kubernetes #observability #service-mesh #integration

Read article
Anthropic puts the "myth" in Mythos with its HackerOne bug bounty program Security 6.0
The New Stack

Anthropic puts the "myth" in Mythos with its HackerOne bug bounty program

Anthropic launched a public HackerOne bug bounty program one month after unveiling Claude Mythos, a restricted-access frontier model designed to identify and chain software vulnerabilities. The timing creates tension: Mythos is positioned as a powerful offensive AI tool for cybersecurity, yet Anthropic simultaneously opens vulnerability research to the broader community, suggesting confidence in its own defenses or a hedge against Mythos hype.

#security #bug bounty #Claude #vulnerability disclosure

The attack surface moved inside the agent. So did Arcjet. AI 7.0
The New Stack

The attack surface moved inside the agent. So did Arcjet.

Arcjet announced Guards, a runtime security capability that enforces policy inside AI agent tool handlers, queue consumers, and workflow steps - code paths invisible to traditional WAFs and proxies. Traditional application security assumes HTTP request boundaries; agentic systems bypass those boundaries entirely, leaving untrusted inputs in function arguments and inter-agent state transfers unprotected. Guards addresses this gap by moving security enforcement into the agent runtime itself.

#AI agents #security #runtime security #tool-use

Datadog and T-Mobile leaders reveal the reality of deploying AI agents in production AI 8.0
The New Stack

Datadog and T-Mobile leaders reveal the reality of deploying AI agents in production

Datadog and T-Mobile share production deployment lessons for AI agents: code generation from agents cannot be trusted without human review, T-Mobile handles 200k customer conversations daily via agents, and observability tooling must evolve to predict agent-driven system failures. The core challenge is validating agent-generated code before shipping.

#agents #observability #production #validation

cPanel, WHM Release Fixes for Three New Vulnerabilities - Patch Now Security 6.0
The Hacker News

cPanel, WHM Release Fixes for Three New Vulnerabilities - Patch Now

cPanel released patches for three vulnerabilities in cPanel and Web Host Manager (WHM): CVE-2026-29201 (CVSS 4.3) allows privilege escalation via insufficient input validation in feature file handling, and the additional CVEs cover code execution and denial-of-service. Immediate patching is recommended for all affected installations.

#CVE #cPanel #WHM #privilege-escalation

Ship code within minutes with the Gemini CLI DevOps Extension AI 7.0
Google Cloud Blog

Ship code within minutes with the Gemini CLI DevOps Extension

Google released a Gemini CLI extension for CI/CD that bridges the gap between local development and production deployment by using an AI agent to generate full-stack apps and deployment pipelines from natural language prompts. The extension handles both quick deployments and complete pipeline generation from a single terminal interface, demonstrated with a React/Node.js example app.

#LLM agents #CI/CD #code generation #DevOps

Kubernetes v1.36: Moving Volume Group Snapshots to GA DevOps 7.0
Kubernetes Blog

Kubernetes v1.36: Moving Volume Group Snapshots to GA

Volume group snapshots reach GA in Kubernetes v1.36, enabling crash-consistent snapshots across multiple PersistentVolumeClaims via label selectors and CSI drivers. This feature allows workloads to recover from a single point-in-time snapshot of multiple volumes, completing a multi-release maturation from Alpha in v1.27.

#Kubernetes #storage #snapshots #CSI

OpenAI Codex arrives in the browser with new Chrome extension AI 7.0
The New Stack

OpenAI Codex arrives in the browser with new Chrome extension

OpenAI released a Chrome extension for Codex that allows agents to operate within a user's live browser session, accessing authenticated workflows in Gmail, Salesforce, LinkedIn, and internal web apps without taking over the desktop. This builds on Codex's April computer-use capabilities by enabling agents to work alongside users rather than monopolizing the machine.

#agents #tool use #browser automation #computer use

Why age assurance laws matter for developers Other 5.0
GitHub Blog

Why age assurance laws matter for developers

GitHub outlines emerging age assurance and age verification regulations globally and their potential impact on open source software development and developer infrastructure. The post advocates for developer awareness and engagement with policymakers to prevent overly broad requirements that could burden non-consumer-facing platforms.

#policy #open source #regulation

EMO: Pretraining mixture of experts for emergent modularity AI 6.0
Hugging Face Blog

EMO: Pretraining mixture of experts for emergent modularity

Allen AI's EMO research demonstrates how mixture-of-experts (MoE) architectures can develop emergent modularity during pretraining, where different experts specialize in distinct reasoning tasks without explicit supervision. This enables more efficient scaling and interpretability in large language models.

#MoE #architecture #training #interpretability

With faster node startup for GKE, say goodbye to cold-start latency Cloud 8.0
Google Cloud Blog

With faster node startup for GKE, say goodbye to cold-start latency

Google Kubernetes Engine now delivers up to 4x faster node startup times through an architectural rework of VM and GKE node provisioning logic. The improvement is automatic and requires no configuration changes, directly reducing cold-start latency for AI inference, batch processing, and dynamic scaling workloads.

#Kubernetes #GKE #cold-start #node provisioning

"The terminal still matters": Amp rebuilds its CLI for an agentic future beyond the command line AI 7.0
The New Stack

"The terminal still matters": Amp rebuilds its CLI for an agentic future beyond the command line

Amp, the AI coding startup from Sourcegraph, released Neo, a rebuilt CLI designed for remote control, plugin extensibility, and longer-running agent workflows. Amp argues that coding agents are evolving beyond single-editor, single-terminal models toward cross-environment systems, with the CLI becoming a control surface rather than the primary interface.

#agents #CLI #coding agents #tool use

Pushing the Frontier for Data Agents with Genie AI 7.0
Databricks Blog

Pushing the Frontier for Data Agents with Genie

Databricks describes Genie as a state-of-the-art data agent that answers complex questions over structured data by reasoning over schemas, queries, and business logic. The system combines LLM reasoning with data platform integration for autonomous analytics.

#agents #data agents #LLM #SQL

Energy trading analytics in a real-time market Cloud 5.0
Databricks Blog

Energy trading analytics in a real-time market

Databricks demonstrates real-time energy trading analytics and price forecasting use cases. The post covers streaming data ingestion, feature engineering, and model serving for energy market participants making sub-second trading decisions.

#streaming #analytics #forecasting #real-time

Halliburton enhances seismic workflow creation with Amazon Bedrock and Generative AI AI 7.0
AWS ML Blog

Halliburton enhances seismic workflow creation with Amazon Bedrock and Generative AI

Halliburton deployed an AI assistant on Amazon Bedrock to automate seismic workflow configuration, replacing manual setup of ~100 specialized tools with natural language interaction. The solution uses Bedrock Knowledge Bases, Amazon Nova, and DynamoDB to convert geoscientist queries into executable workflows, achieving up to 95% acceleration in workflow creation.

#LLM #agents #RAG #tool-use

Running Codex safely at OpenAI AI 7.0
OpenAI Blog

Running Codex safely at OpenAI

OpenAI details operational security practices for Codex, including sandboxing, approval workflows, network policies, and agent-native telemetry to enable safe deployment of code-generation agents in production environments.

#agents #code-generation #security #tool-use

Benchmarking AI agent retrieval strategies on Kubernetes bug fixes AI 8.0
CNCF Blog

Benchmarking AI agent retrieval strategies on Kubernetes bug fixes

An empirical study evaluates AI coding agents on real Kubernetes bugs using three retrieval strategies: RAG-only (KAITO with Qdrant/BM25), filesystem search, and hybrid approaches. It found that retrieval alone is insufficient; agents fail at cross-file reasoning and scope identification even when surfacing correct files, revealing a bottleneck in contextual reasoning rather than code discovery.

#agents #RAG #evals #Kubernetes

Anthropic recruited SpaceX's 220,000-GPU Colossus 1 to fix what Claude users kept complaining about AI 8.0
The New Stack

Anthropic recruited SpaceX's 220,000-GPU Colossus 1 to fix what Claude users kept complaining about

Anthropic partnered with SpaceX to access Colossus 1, a 220,000-GPU data center in Memphis delivering over 300 megawatts of compute. Anthropic is using the capacity to double Claude Code's rate limits for Pro and Max subscribers, remove peak-hour reductions, and increase Claude Opus API token rates (e.g., input tokens per minute from 30k to 500k for Tier 1).

#LLM inference #compute infrastructure #rate limits

Retail markdown optimization: from reactive markdowns to proactive Other 5.0
Databricks Blog

Retail markdown optimization: from reactive markdowns to proactive

Databricks outlines a machine learning approach to retail markdown optimization, shifting from reactive discounting to predictive pricing strategies. The post covers data pipeline architecture, feature engineering, and model deployment for demand forecasting and price elasticity estimation using Databricks' platform.

#MLOps #pricing #demand forecasting #feature engineering

Why telecom churn prediction misses the intervention window AI 5.0
Databricks Blog

Why telecom churn prediction misses the intervention window

Databricks analyzes why traditional churn prediction models fail in telecom by missing the intervention window between prediction and customer departure. The article argues for real-time, low-latency prediction pipelines that enable timely retention actions.

#churn prediction #real-time ML #latency #use case

Canvas Breach Disrupts Schools & Colleges Nationwide Security 9.0
Krebs on Security

Canvas Breach Disrupts Schools & Colleges Nationwide

Cybercrime group ShinyHunters breached Canvas (Instructure) and defaced the login page with ransom demands, claiming access to data from 275 million students and faculty across 9,000 institutions. Instructure disabled the platform and confirmed stolen data includes names, email addresses, student IDs, and user messages; no passwords or government identifiers confirmed compromised.

#breach #ransomware #extortion #data-exfiltration

Teaching Claude why AI 7.0
Anthropic Research

Teaching Claude why

Anthropic presents research on reducing agentic misalignment by training Claude to provide reasoning for its decisions. The work focuses on making agent behavior more interpretable and aligned with user intent.

#alignment #agents #interpretability #Claude

Improving token efficiency in GitHub Agentic Workflows AI 8.0
GitHub Blog

Improving token efficiency in GitHub Agentic Workflows

GitHub details systematic token optimization across hundreds of internal agentic workflows running in CI, addressing cost accumulation in automated agents. The post covers instrumentation across Claude CLI, Copilot CLI, and Codex CLI, with preliminary optimization results and logging strategies.

#agents #token efficiency #cost optimization #CI

Kubernetes v1.36: More Drivers, New Features, and the Next Era of DRA DevOps 8.0
Kubernetes Blog

Kubernetes v1.36: More Drivers, New Features, and the Next Era of DRA

Kubernetes v1.36 graduates Dynamic Resource Allocation (DRA) features to Beta and Stable, including the Prioritized list feature for hardware fallback preferences and support for ResourceClaims in PodGroups. DRA now extends to native resources like memory and CPU, with expanded driver ecosystem support for GPUs, networking, and specialized hardware.

#Kubernetes #DRA #resource allocation #GPU scheduling

Gemini 3.1 Flash-Lite is now generally available on Gemini Enterprise Agent Platform AI 8.0
Google Cloud Blog

Gemini 3.1 Flash-Lite is now generally available on Gemini Enterprise Agent Platform

Gemini 3.1 Flash-Lite reached general availability as the fastest and most cost-efficient model in the Gemini 3 series, optimized for ultra-low latency and high-volume agentic tasks like tool calling and orchestration. The model is designed for production deployments requiring real-time responsiveness, with adoption from JetBrains IDE assistants and enterprise customer service operations.

#LLM #Gemini #agents #tool-use

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems Security 8.0
The Hacker News

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

PCPJack is a credential theft framework targeting exposed cloud infrastructure, harvesting credentials from cloud services, containers, developer tools, and financial platforms. The malware exploits 5 CVEs to propagate across environments and exfiltrates stolen data through attacker-controlled infrastructure.

#credential theft #cloud security #CVE #malware

Elastic architects reveal how to query observability data in plain English AI 6.0
The New Stack

Elastic architects reveal how to query observability data in plain English

Elastic is demonstrating how OpenTelemetry and generative AI enable non-technical staff (product managers, finance teams, app owners) to query operational data in natural language without SRE gatekeeping. The approach democratizes access to telemetry by combining open standards with LLM-based natural language interfaces, turning expanding data inflow into a searchable knowledge base.

#LLM #observability #OpenTelemetry #natural language

Real-Time Performance Monitoring and Faster Debugging with NCCL Inspector and Prometheus DevOps 7.0
NVIDIA Developer Blog

Real-Time Performance Monitoring and Faster Debugging with NCCL Inspector and Prometheus

NCCL Inspector provides lightweight, continuous monitoring of GPU-to-GPU communication in distributed training, integrating with Prometheus for real-time performance visibility. The tool accelerates debugging by isolating bottlenecks across computation, communication, ranks, and hardware.

#NCCL #distributed training #observability #GPU communication

New Bigtable in-memory tier for sub-millisecond read latency Cloud 7.0
Google Cloud Blog

New Bigtable in-memory tier for sub-millisecond read latency

Google Cloud announced Bigtable in-memory tier, delivering sub-millisecond read latency and approximately 10x higher point read throughput per dollar with hotspot resistance supporting up to 120,000 queries per second on a single row. The tier eliminates the need for separate caching layers and cache-aside logic by integrating in-memory performance directly into the managed database.

#Bigtable #in-memory #latency #caching

How BASF manages thousands of supply chain decisions with AlphaEvolve's agentic algorithms AI 7.0
Google Cloud Blog

How BASF manages thousands of supply chain decisions with AlphaEvolve's agentic algorithms

BASF Agricultural Solutions deployed AlphaEvolve, an evolutionary coding agent on Google Cloud, to build a digital twin of their supply chain managing 5,000+ value chains with 30-level bills of materials. The agent autonomously generates and refines algorithms to support thousands of daily planning decisions across 180 production sites, replacing traditional mathematical models that cannot capture dynamic network behavior.

#agents #optimization #supply-chain #AlphaEvolve

Secure short-term GPU capacity for ML workloads with EC2 Capacity Blocks for ML and SageMaker training plans Cloud 7.0
AWS ML Blog

Secure short-term GPU capacity for ML workloads with EC2 Capacity Blocks for ML and SageMaker training plans

AWS introduces EC2 Capacity Blocks for ML and SageMaker training plans to address GPU scarcity for short-term ML workloads. These offerings provide reserved GPU capacity for exploratory work, model validation, and time-bound tasks without the long-term commitment and cost overhead of on-demand capacity reservations.

#GPU capacity #EC2 #SageMaker #cost optimization

Overcoming reward signal challenges: Verifiable rewards-based reinforcement learning with GRPO on SageMaker AI AI 8.0
AWS ML Blog

Overcoming reward signal challenges: Verifiable rewards-based reinforcement learning with GRPO on SageMaker AI

AWS demonstrates reinforcement learning with verifiable rewards (RLVR) on SageMaker AI, combining Group Relative Policy Optimization (GRPO) with objective verification to improve LLM training on tasks like math reasoning and code generation. The approach addresses reward signal reliability by introducing transparency and verification mechanisms into feedback loops.

#reinforcement learning #LLM training #reward modeling #GRPO

With the launch of Meko, Yugabyte targets the data layer that's breaking multi-agent AI systems AI 8.0
The New Stack

With the launch of Meko, Yugabyte targets the data layer that's breaking multi-agent AI systems

Yugabyte launched Meko, an open-source agent-native data infrastructure addressing state management failures in multi-agent systems. Research shows 37% of multi-agent failures are state failures (inconsistent views of what happened and what is true), not reasoning failures, making the memory/data layer the bottleneck, not the model.

#agents #state management #multi-agent #data infrastructure

How Cloudflare responded to the "Copy Fail" Linux vulnerability Security 7.0
Cloudflare Blog

How Cloudflare responded to the "Copy Fail" Linux vulnerability

Cloudflare detailed its response to CVE-2026-31431, a Linux kernel local privilege escalation vulnerability disclosed April 29, 2026. The company's behavioral detections identified the exploit pattern within minutes; no customer impact occurred. The post explains Cloudflare's custom LTS kernel build process, automated weekly builds, and staged rollout via the Edge Reboot Release pipeline.

#CVE #Linux kernel #privilege escalation #incident response

Scaling Trusted Access for Cyber with GPT-5.5 and GPT-5.5-Cyber AI 6.0
OpenAI Blog

Scaling Trusted Access for Cyber with GPT-5.5 and GPT-5.5-Cyber

OpenAI expands its Trusted Access for Cyber program with GPT-5.5 and a specialized GPT-5.5-Cyber model, providing verified security researchers and defenders with early access to advanced models for vulnerability research and critical infrastructure protection.

#GPT-5.5 #security research #vulnerability research #trusted access

Comparing Different Approaches to Sandboxing AI 6.0
Docker Blog

Comparing Different Approaches to Sandboxing

Docker explores sandboxing strategies for AI agents, starting from chroot-based file system isolation through cloud VMs. The article addresses the core risk: agents are non-deterministic and prone to hallucination and prompt injection, so write access to systems requires isolation to prevent destructive commands like rm -rf.

#agents #sandboxing #security #isolation

Agents that transact: Introducing Amazon Bedrock AgentCore payments, built with Coinbase and Stripe AI 9.0
AWS ML Blog

Agents that transact: Introducing Amazon Bedrock AgentCore payments, built with Coinbase and Stripe

AWS announces Amazon Bedrock AgentCore payments, enabling AI agents to autonomously call APIs, access MCP servers, and execute financial transactions with built-in billing, credential management, and spending governance. The service abstracts payment orchestration across multiple providers, supporting the emerging agentic economy with real-time micro-transaction billing.

#agents #tool use #payments #MCP

ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories Security 6.0
The Hacker News

ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories

This bulletin aggregates multiple security threats including plaintext password exposure at edge, ICS zero-days, and supply-chain attacks via compromised packages and fake applications. The piece highlights that many 2026 attack chains rely on basic tactics like credential theft, DNS hijacking, and social engineering rather than sophisticated exploits.

#supply chain #credentials #ICS #0-day

Parloa builds service agents customers want to talk to AI 6.0
OpenAI Blog

Parloa builds service agents customers want to talk to

Parloa uses OpenAI models to build voice-driven customer service agents that enterprises can design, simulate, and deploy for real-time interactions. The platform abstracts the complexity of building reliable conversational agents, enabling faster iteration and testing before production rollout.

#agents #voice #customer service #LLM

The introverts' edge: How AI is leveling the developer floor AI 6.0
The New Stack

The introverts' edge: How AI is leveling the developer floor

AI coding assistants like GitHub Copilot and IBM Bob are reshaping junior developer onboarding by providing immediate, judgment-free feedback and reducing the need to interrupt senior engineers. The article argues that AI tools address a structural problem in developer training where introverted or less assertive juniors historically fall behind due to lack of mentorship access.

#coding assistants #developer experience #LLM #junior developers

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux Security 8.0
The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

Kaspersky researchers discovered three malicious PyPI packages that masquerade as legitimate tools while covertly delivering ZiChatBot malware via Zulip APIs to Windows and Linux systems. The packages implement advertised functionality as cover while executing hidden payload delivery, exploiting the trust model of open-source package repositories.

#supply-chain #malware #PyPI #CVE

Microcks becomes a CNCF incubating project DevOps 6.0
CNCF Blog

Microcks becomes a CNCF incubating project

Microcks, an open-source API mocking and contract testing platform, has graduated from CNCF Sandbox to Incubating status. The tool converts OpenAPI, AsyncAPI, gRPC, GraphQL, Postman, and SOAP/WSDL specs into live mock servers and powers automated contract conformance tests across synchronous and asynchronous protocols. The project has grown significantly since joining Sandbox in June 2023, with adoption from financial institutions and major consulting firms.

#API mocking #contract testing #microservices #OpenAPI

Natural Language Autoencoders: Turning Claude's thoughts into text AI 8.0
Anthropic Research

Natural Language Autoencoders: Turning Claude's thoughts into text

Anthropic researchers train Claude to decode its internal numerical representations into human-readable text, making model reasoning transparent. This work on mechanistic interpretability reveals how language models translate between latent thought and natural language output.

#interpretability #mechanistic #Claude #autoencoders

Simplex rethinks software development with Codex AI 6.0
OpenAI Blog

Simplex rethinks software development with Codex

Simplex integrates ChatGPT Enterprise and Codex to accelerate software development workflows, reducing time spent on design, build, and testing phases. The platform scales AI-driven development tasks across teams, enabling faster iteration cycles.

#LLM #agents #code generation #ChatGPT

Focus areas for The Anthropic Institute AI 5.0
Anthropic Research

Focus areas for The Anthropic Institute

Anthropic outlines the research agenda and focus areas for The Anthropic Institute, its dedicated research organization. The post covers strategic priorities for AI safety and alignment work.

#safety #alignment #research #institute

Validating agentic behavior when "correct" isn't deterministic AI 8.0
GitHub Blog

Validating agentic behavior when "correct" isn't deterministic

GitHub explores testing strategies for autonomous agents like Copilot Agent Mode that interact with real environments (UIs, browsers, IDEs) where correctness is multi-path rather than deterministic. The post proposes a "Trust Layer" validation model focused on outcomes rather than rigid step-by-step assertions, designed for CI/CD pipelines.

#agents #testing #evals #CI/CD

Why long-running AI agents break on HTTP and how Ably is fixing it AI 7.0
The New Stack

Why long-running AI agents break on HTTP and how Ably is fixing it

Ably CEO Matthew O'Riordan discusses why HTTP becomes unreliable for long-running AI agents that reason and call tools over hours, and how Ably's durable session layer addresses connection stability, state management, and reconnection. The platform, originally built for human collaboration, now enables agent-human communication with presence, ordering, and fault tolerance.

#agents #infrastructure #HTTP #durable sessions

vLLM V0 to V1: Correctness Before Corrections in RL AI 7.0
Hugging Face Blog

vLLM V0 to V1: Correctness Before Corrections in RL

ServiceNow AI details the evolution from vLLM v0 to v1, emphasizing correctness validation before applying reinforcement learning corrections to model outputs. The post covers architectural improvements and evaluation methodology for ensuring LLM reliability in production inference pipelines.

#vLLM #LLM inference #reinforcement learning #correctness

Kubernetes v1.36: Server-Side Sharded List and Watch DevOps 8.0
Kubernetes Blog

Kubernetes v1.36: Server-Side Sharded List and Watch

Kubernetes v1.36 introduces server-side sharded list and watch (KEP-5866, alpha) to solve controller scaling bottlenecks. Instead of each controller replica receiving the full event stream and discarding unwanted objects, the API server now filters events upstream and sends only the hash range each replica owns. This eliminates redundant deserialization and network bandwidth multiplication that plagued client-side sharding approaches like kube-state-metrics.

#Kubernetes #API server #scaling #controllers

When DNSSEC goes wrong: how we responded to the .de TLD outage Cloud 6.0
Cloudflare Blog

When DNSSEC goes wrong: how we responded to the .de TLD outage

On May 5, 2026, DENIC published incorrect DNSSEC signatures for the .de TLD, causing validating resolvers including 1.1.1.1 to reject queries with SERVFAIL. Cloudflare's post explains DNSSEC mechanics, the outage's scope (affecting millions of .de domains), and the temporary mitigations applied while DENIC resolved the issue.

#DNSSEC #DNS #outage #TLD infrastructure

Anthropic will let its managed agents dream AI 7.0
The New Stack

Anthropic will let its managed agents dream

Anthropic expanded Managed Agents with a "dreaming" feature that runs scheduled processes to review recent agent sessions, identify patterns, and update agent memory. Combined with outcome-focused orchestration and multi-agent coordination, these features aim to reduce steering overhead for complex tasks.

#agents #memory #Claude #Managed Agents

Developers will use whatever AI coding tool they want. ServiceNow is building for that reality. AI 6.0
The New Stack

Developers will use whatever AI coding tool they want. ServiceNow is building for that reality.

ServiceNow announced governance features, free low-code app management, and third-party tool integrations at Knowledge 2026, positioning itself as an "AI control tower" for managing agents built with any tool. The company emphasizes guardrails and security controls rather than lock-in, recognizing that enterprises need to govern heterogeneous agent deployments.

#agents #governance #security #multi-tool

Why Atlassian is letting Claude Code into its own data graph AI 8.0
The New Stack

Why Atlassian is letting Claude Code into its own data graph

Atlassian launched Max, a new mode in Rovo Chat that runs as a "mini Claude Code" with Teamwork Graph context, and opened its 150-billion-object data graph to MCP-compliant agents. The company released Teamwork Graph CLI and MCP servers in open beta, enabling third-party agents (Claude Code, IDE copilots) to query the same context substrate powering Rovo.

#agents #MCP #context #Claude

Pioneering AI-assisted code migration: How Google achieved 6x faster migration from TensorFlow to JAX AI 8.0
Google Cloud Blog

Pioneering AI-assisted code migration: How Google achieved 6x faster migration from TensorFlow to JAX

Google's AI and Infrastructure team developed a multi-agent approach to large-scale ML model migrations, achieving 6x faster TensorFlow-to-JAX conversions by maintaining context across thousands of lines of code and preserving mathematical equivalence. The system uses specialized agents to handle long-horizon tasks that generic coding assistants fail on, managing complex state across multiple files while avoiding hallucinations and API errors.

#agents #code-generation #ML-migration #tool-use

What's new in IAM: Security, governance, and runtime defense AI 8.0
Google Cloud Blog

What's new in IAM: Security, governance, and runtime defense

Google Cloud introduced Agent Identity, a new first-class principal type for AI agents built on the SPIFFE standard, alongside Agent Gateway with Identity-Aware Proxy for managing agent access and runtime defense. The framework addresses autonomous agent security at machine speed with cryptographic attestation and agent-specific guardrails.

#agents #security #IAM #identity-management

The Blueprint: Translating stream-of-conscious speech into responsive, actionable task lists AI 7.0
Google Cloud Blog

The Blueprint: Translating stream-of-conscious speech into responsive, actionable task lists

Doist built Ramble, a speech-to-task feature for Todoist, using Gemini Enterprise Agent Platform with tool-calling capabilities to convert unstructured voice input into structured tasks. The system handles real-time multilingual processing with accent/slang support, non-deterministic output validation, and cross-browser audio handling.

#agents #tool-use #multimodal #speech-to-text

Google named a Leader in the 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies Security 6.0
Google Cloud Blog

Google named a Leader in the 2026 Gartner Magic Quadrant for Cyberthreat Intelligence Technologies

Gartner named Google a Leader in the 2026 Magic Quadrant for Cyberthreat Intelligence Technologies, recognizing its unified platform combining Mandiant incident response, VirusTotal threat data, infrastructure visibility, and Gemini-powered agentic threat intelligence. Google positions agentic defense as autonomous AI agents that reason through malware and preemptively neutralize threats at scale.

#threat intelligence #agents #Gemini #Mandiant

Fitting the future: How Breuninger boosted sales with its 'be your own model' AI AI 6.0
Google Cloud Blog

Fitting the future: How Breuninger boosted sales with its 'be your own model' AI

Breuninger, a German fashion retailer, built a virtual try-on experience using Google Cloud's Virtual Try-On API that lets shoppers see high-end fashion on their own bodies from a selfie. The product evolved from catalog enrichment and body-type selection to a user-first, selfie-based model after direct collaboration with Google engineers revealed customer preference for seeing themselves rather than pre-selected models.

#generative media #computer vision #e-commerce #Virtual Try-On API

Cost effective deployment of vision-language models for pet behavior detection on AWS Inferentia2 Cloud 6.0
AWS ML Blog

Cost effective deployment of vision-language models for pet behavior detection on AWS Inferentia2

Tomofun migrated real-time pet behavior detection from GPU-based EC2 to AWS Inferentia2 (Inf2) instances, reducing inference costs while maintaining model fidelity for always-on workloads across hundreds of thousands of Furbo cameras. The case study details how BLIP vision-language models were deployed on purpose-built AI chips without major code rewrites, achieving cost efficiency for continuous pet activity monitoring.

#vision-language models #inference #AWS Inferentia2 #cost optimization

The AWS MCP Server is now generally available AI 8.0
AWS News

The AWS MCP Server is now generally available

AWS MCP Server (GA) provides AI agents and coding assistants secure, authenticated access to AWS services via Model Context Protocol without exposing credentials. The server includes a compact tool set that avoids bloating model context windows, gives agents access to current AWS documentation and new services (S3 Vectors, Aurora DSQL, Bedrock AgentCore), and encourages use of CDK/CloudFormation over CLI with least-privilege IAM policies.

#MCP #agents #tool-use #AWS

Kubernetes finally lands user namespace support, but shared kernel problem remains DevOps 7.0
The New Stack

Kubernetes finally lands user namespace support, but shared kernel problem remains

Kubernetes 1.36 shipped user namespace support for pods, remapping root processes to unprivileged identities on the host to mitigate privilege-escalation attacks. The feature reduces container-escape impact but does not solve the broader problem of shared kernels in multi-tenant environments, and may entrench the pattern of running containers as root by default.

#Kubernetes #security #namespaces #privilege-escalation

The company that made RAG mainstream is now betting against it AI 8.0
The New Stack

The company that made RAG mainstream is now betting against it

Pinecone, the vector database pioneer that defined RAG patterns for 800,000 developers, launched Nexus, a knowledge engine for agents that frames traditional retrieve-read-retrieve loops as inefficient. The company argues that 85 percent of agent effort goes to fetching context and agents stuck in RAG patterns finish only 50-60 percent of tasks, positioning knowledge compilation as the successor pattern.

#RAG #agents #vector databases #LLM

Why PHP performance keeps getting bumped from the roadmap Engineering 5.0
The New Stack

Why PHP performance keeps getting bumped from the roadmap

PHP teams consistently identify performance as a top challenge but rarely allocate sustained resources to address it. The article examines why performance improvements lose priority during roadmap planning: visible features are easier to scope and demonstrate business value, while performance wins are quiet and hard to communicate when trade-offs arise.

#PHP #performance #roadmap planning #engineering culture

Scaling cloud and AI: Microsoft Azure's commitment to Europe's digital future Cloud 5.0
Azure Blog

Scaling cloud and AI: Microsoft Azure's commitment to Europe's digital future

Microsoft announced significant datacenter expansion across Europe, adding regions in Austria, Belgium, Denmark, Greece, and Finland to support growing demand for cloud and AI workloads. The post highlights customer adoption of Microsoft 365 Copilot and Microsoft Foundry for AI-driven operations and product management.

#cloud infrastructure #data residency #regional expansion #AI deployment

How NetEase Games cut LLM cold starts from 42 minutes to 30 seconds AI 8.0
The New Stack

How NetEase Games cut LLM cold starts from 42 minutes to 30 seconds

NetEase Games deployed Fluid, a Kubernetes-native data orchestration layer, to accelerate LLM model loading in serverless GPU environments. By enabling prefetching workflows, model load time dropped from 42 minutes to 3 minutes, transforming elastic compute from theoretical to operationally viable for inference workloads across regions.

#LLM inference #Kubernetes #cold starts #data caching

Why the Linux Foundation adopted MCP, with Jim Zemlin and Mazin Gilbert AI 7.0
The New Stack

Why the Linux Foundation adopted MCP, with Jim Zemlin and Mazin Gilbert

The Linux Foundation established the Agentic AI Foundation (AAIF) in late 2025 to steward open-source agentic tooling including Model Context Protocol (MCP), Goose, and AGENTS.md. Mazin Gilbert took over as executive director from Jim Zemlin, positioning the foundation to define standards and governance for the emerging agentic AI stack.

#agents #MCP #open-source #foundation governance

The tools are ready. So why are most cloud native teams still running three observability stacks? DevOps 6.0
CNCF Blog

The tools are ready. So why are most cloud native teams still running three observability stacks?

A CNCF survey of 407 practitioners found that 46.7% of organizations run two to three observability tools in parallel despite mature standards like OpenTelemetry, Prometheus, Jaeger, and Loki. Only 7.4% achieved unified observability, with fragmentation cited as the top improvement priority across all company sizes.

#observability #OpenTelemetry #Prometheus #tool fragmentation

"AI systems do not understand": New report flags systemic failures in AI coding AI 7.0
The New Stack

"AI systems do not understand": New report flags systemic failures in AI coding

The ACM Technology Policy Council released a briefing on AI-assisted coding (vibe coding) documenting productivity gains alongside security and maintainability risks. The report warns that current platforms lack safeguards for code generation and execution, requiring developers to enforce testing, specifications, and standards despite AI assistance.

#code generation #AI safety #security vulnerabilities #software engineering

Adding Benchmaxxer Repellant to the Open ASR Leaderboard AI 6.0
Hugging Face Blog

Adding Benchmaxxer Repellant to the Open ASR Leaderboard

Hugging Face updates the Open ASR Leaderboard with defenses against benchmark gaming and data contamination. The update introduces detection mechanisms to identify when submissions use private training data or employ other tactics to artificially inflate benchmark scores.

#evals #benchmarking #ASR #data contamination

How frontier firms are pulling ahead AI 5.0
OpenAI Blog

How frontier firms are pulling ahead

OpenAI's B2B Signals research identifies how leading enterprises scale Codex-powered agentic workflows to build competitive advantage. The report reveals patterns in AI adoption depth and workflow automation across frontier firms.

#LLM #agents #code generation #enterprise adoption

The AI scaling gap hiding in digital native companies AI 5.0
Databricks Blog

The AI scaling gap hiding in digital native companies

Databricks examines why digital-native companies with strong data foundations struggle to scale AI initiatives, despite having engineering talent and data infrastructure. The post identifies organizational and technical gaps that prevent these companies from translating data advantages into AI capabilities.

#AI #scaling #data infrastructure #organizational

Public sector momentum and mission impact at Google Cloud Next '26 AI 6.0
Google Cloud Blog

Public sector momentum and mission impact at Google Cloud Next '26

Google Cloud highlights 40+ public sector organizations deploying AI agents at scale, featuring case studies from FDA, DOT, and City of Los Angeles on productivity gains and mission-critical workflows. The post emphasizes agent governance, workforce augmentation, and service delivery transformation.

#agents #governance #public sector #Gemini

AI and Claude: The internal rebellion that changed Amazon's rules AI 8.0
The New Stack

AI and Claude: The internal rebellion that changed Amazon's rules

Amazon granted tens of thousands of developers access to Anthropic's Claude Code and will soon offer OpenAI's Codex, both running on AWS and Amazon Bedrock, reversing internal restrictions that previously pushed developers toward the proprietary Kiro tool. The move responds to developer demand for third-party agentic coding tools while maintaining security and compliance controls.

#agents #coding #Claude #tool-use

OpenAI rolls out GPT-5.5 Instant as default ChatGPT model, promises more accurate responses AI 7.0
The New Stack

OpenAI rolls out GPT-5.5 Instant as default ChatGPT model, promises more accurate responses

OpenAI made GPT-5.5 Instant the default ChatGPT model, emphasizing factuality improvements and reduced hallucinations across visual reasoning and math domains. The lighter variant complements the full GPT-5.5 for complex reasoning, positioning Instant for everyday tasks with faster responses and fewer unnecessary refusals.

#LLM #ChatGPT #inference #factuality

Kubernetes v1.36: Declarative Validation Graduates to GA DevOps 7.0
Kubernetes Blog

Kubernetes v1.36: Declarative Validation Graduates to GA

Kubernetes v1.36 moves declarative validation for native types to GA, replacing ~18,000 lines of handwritten Go validation code with a unified framework. This eliminates technical debt, improves consistency across resources, and enables future integration with OpenAPI and ecosystem tools like Kubebuilder.

#Kubernetes #validation #API design #CRD

The context window has been shattered: Subquadratic debuts a 12-million-token window AI 9.0
The New Stack

The context window has been shattered: Subquadratic debuts a 12-million-token window

Subquadratic, a Miami startup, launched a model with a 12-million-token context window using Subquadratic Selective Attention (SSA), an architecture that scales linearly in compute and memory instead of quadratically. The model achieves 92.1% accuracy on needle-in-haystack retrieval at 12M tokens and runs 52x faster than dense attention, with plans for a 50-million-token variant.

#LLM #context window #attention #architecture

AI has a sprawling data problem. Airbyte has just launched a tool to fix it. AI 7.0
The New Stack

AI has a sprawling data problem. Airbyte has just launched a tool to fix it.

Airbyte launched Airbyte Agents with a Context Store that precomputes and indexes business data from multiple SaaS tools (Salesforce, Zendesk, Jira, Slack) into a single queryable index, allowing AI agents to run lookups against indexed state instead of calling live APIs at runtime. This approach reduces typical agent tasks from five or six API calls to one or two while trimming token usage.

#agents #RAG #data indexing #latency

Modernize your workflows: Amazon WorkSpaces now gives AI agents their own desktop (preview) AI 7.0
AWS News

Modernize your workflows: Amazon WorkSpaces now gives AI agents their own desktop (preview)

AWS enables AI agents to operate within Amazon WorkSpaces managed virtual desktops, allowing automation of legacy desktop and mainframe applications without API modernization. Agents inherit the same security, audit trails, and enterprise isolation as employee desktops, addressing the 75% of enterprises running legacy systems without modern APIs.

#agents #desktop automation #legacy systems #enterprise

"Real maturity problems": Not every developer is thrilled with Bun after Anthropic acquisition AI 6.0
The New Stack

"Real maturity problems": Not every developer is thrilled with Bun after Anthropic acquisition

Anthropic acquired Bun (a JavaScript/TypeScript runtime and toolkit) in December 2025 to power Claude Code, embedding it as a dependency in the AI coding agent. Bun was chosen for millisecond-level startup performance critical to AI-led development tools, but the acquisition has raised concerns among developers about vendor lock-in and the runtime's maturity.

#Claude Code #Bun runtime #AI tooling #JavaScript

Introducing OS Level Actions in Amazon Bedrock AgentCore Browser AI 8.0
AWS ML Blog

Introducing OS Level Actions in Amazon Bedrock AgentCore Browser

Amazon Bedrock AgentCore Browser now supports OS-level actions beyond DOM manipulation, enabling agents to interact with native dialogs, system prompts, keyboard shortcuts, and OS-rendered UI elements. This extends browser automation to handle print dialogs, security prompts, certificate choosers, and context menus that CDP and Playwright cannot reach.

#agents #browser automation #AgentCore #vision

Five must-have guides to move agents into production with Gemini Enterprise Agent Platform AI 8.0
Google Cloud Blog

Five must-have guides to move agents into production with Gemini Enterprise Agent Platform

Google Cloud details production patterns for AI agents via the Gemini Enterprise Agent Platform, covering long-running state management (up to 7 days), checkpoint-resume mechanisms, delegated approval workflows, and governance stacks. The Agent Runtime now supports stateful agents that pause for human review without consuming compute, addressing real production challenges beyond prompt engineering.

#agents #orchestration #state management #governance

Introducing Agent Gateway ISV ecosystem for security and governance AI 8.0
Google Cloud Blog

Introducing Agent Gateway ISV ecosystem for security and governance

Google Cloud announces Agent Gateway, a programmable data plane for AI agents that enforces security across user-to-agent, agent-to-agent, and agent-to-tool interactions. The platform integrates with third-party security providers including Symantec DLP to inspect and enforce policies on agent traffic in real time, addressing data exfiltration risks in agentic systems.

#agents #security #governance #data loss prevention

Intelligence-driven message defense and insights using Amazon Bedrock AI 6.0
AWS ML Blog

Intelligence-driven message defense and insights using Amazon Bedrock

AWS demonstrates using Amazon Nova foundation models in Bedrock to detect and prevent direct contact exchange (phone numbers, addresses, websites) in brokerage messaging systems, protecting commission revenue and marketplace integrity. The solution applies LLM-based content filtering to in-app messaging while preserving legitimate transaction details.

#LLM #content-filtering #Bedrock #Nova

Cloud Engineer's AI Toolkit: Sign up Now for a Developer Workshop Near You! AI 5.0
Google Cloud Blog

Cloud Engineer's AI Toolkit: Sign up Now for a Developer Workshop Near You!

Google Cloud is hosting hands-on workshops across North America targeting platform, security, and data engineers to build production agentic AI systems. Topics include hardening GKE clusters for AI workloads, securing inference endpoints, automating cluster operations via natural language, and transforming data warehouses for autonomous agents.

#agents #Kubernetes #security #MLOps

Welcome to Maintainer Month: Celebrating the people behind the code AI 7.0
GitHub Blog

Welcome to Maintainer Month: Celebrating the people behind the code

GitHub reflects on how AI-driven agentic workflows are accelerating pull request volume and contributor onboarding, while creating new maintenance burden on human maintainers. The post highlights emerging standards like agents.md and trust systems that help maintainers regain control over contribution quality and project direction.

#agents #open-source #maintainers #workflow

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions Security 6.0
The Hacker News

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

Cisco Talos attributes coordinated attacks on government entities in South America since late 2024 and southeastern Europe in 2025 to a China-nexus APT group (UAT-8302) using custom malware families deployed post-exploitation. The campaign demonstrates cross-regional targeting and shared malware infrastructure.

#APT #malware #government #threat-intelligence

Generate Images Locally with Docker Model Runner and Open WebUI AI 6.0
Docker Blog

Generate Images Locally with Docker Model Runner and Open WebUI

Docker Model Runner now enables local image generation by packaging models and exposing an OpenAI-compatible API that Open WebUI can consume. Users can run image-generation models entirely on-device with GPU acceleration (NVIDIA CUDA, Apple Silicon MPS, or CPU fallback), eliminating cloud dependencies and privacy concerns.

#local inference #image generation #Docker #OpenAI API

The Back Door Attackers Know About — and Most Security Teams Still Haven't Closed Security 8.0
The Hacker News

The Back Door Attackers Know About — and Most Security Teams Still Haven't Closed

OAuth tokens generated when employees connect AI tools, workflow automation, and productivity apps to Google or Microsoft accounts persist indefinitely with no expiration, automatic cleanup, or visibility to security teams. These tokens bypass perimeter controls and MFA, creating a persistent backdoor for attackers who obtain them.

#OAuth #supply-chain #credential persistence #cloud integrations

Agent Factory Recap: How Gemma 4 Taught Itself Physics AI 7.0
Google Cloud Blog

Agent Factory Recap: How Gemma 4 Taught Itself Physics

Google DeepMind releases Gemma 4, an open-source model family spanning three architectures: E2B/E4B for mobile/edge, 31B dense for consumer GPUs, and 26B MoE for high-throughput reasoning. With 50 million downloads since launch and Apache 2 licensing, Gemma 4 enables developers to build, modify, and commercialize agentic applications on consumer hardware.

#LLM #open-source #agents #edge deployment

AI agents need to spend money — Stripe and iWallet are building the rails AI 7.0
The New Stack

AI agents need to spend money — Stripe and iWallet are building the rails

Stripe and iWallet have released new payment protocols (Machine Payments Protocol and iWallet's competing standard) designed for autonomous AI agents to execute transactions, route funds, and settle multi-party payments without human intervention. Traditional payment infrastructure built for human-driven commerce cannot handle the speed, autonomy, and complexity of agent-to-service transactions at scale.

#agents #payments #infrastructure #autonomy

ScyllaDB cut Sprig's read latency 4X after Redis and ClickHouse hit a wall Engineering 7.0
The New Stack

ScyllaDB cut Sprig's read latency 4X after Redis and ClickHouse hit a wall

Sprig, an AI-powered product research platform, migrated from Postgres to ScyllaDB after hitting scale limits at 1.3T events and 75B attributes. The platform's real-time user behavior evaluation and AI-driven survey triggering required sub-millisecond latency that Postgres and intermediate caching layers could not sustain, achieving 4X latency reduction with ScyllaDB.

#databases #latency #scaling #real-time analytics

Announcing Kyverno release 1.18! DevOps 6.0
CNCF Blog

Announcing Kyverno release 1.18!

Kyverno 1.18 introduces hardened HTTP-based policy execution with blocklist/allowlist enforcement for external service calls, CLI enhancements for testing modern policy types, and continued migration toward CEL-based policies. The release includes no breaking changes and addresses multiple CVEs while improving performance and observability.

#Kubernetes #policy-as-code #security #CEL

Unlocking large scale AI training networks with MRC (Multipath Reliable Connection) AI 8.0
OpenAI Blog

Unlocking large scale AI training networks with MRC (Multipath Reliable Connection)

OpenAI introduces MRC (Multipath Reliable Connection), a new supercomputer networking protocol released via OCP to improve resilience and performance in large-scale AI training clusters. MRC addresses packet loss and latency challenges in distributed training by enabling multipath routing and adaptive congestion control across interconnected GPUs.

#AI infrastructure #training networks #networking #supercomputing

Precision Container Security with Docker and Black Duck DevOps 7.0
Docker Blog

Precision Container Security with Docker and Black Duck

Docker and Black Duck integration uses VEX (Vulnerability Exploitability eXchange) statements and Docker Hardened Images to automatically triage container vulnerabilities, filtering base-layer noise from application-layer risk. The integration auto-detects DHI base images, enriches SBOMs with exploitability status, and reduces false-positive triage overhead.

#container security #VEX #SBOM #vulnerability triage

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries Security 7.0
The Hacker News

Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries

Microsoft disclosed a large-scale credential theft campaign spanning April 14-16, 2026, targeting over 35,000 users across 13,000+ organizations in 26 countries. The attack used code-of-conduct-themed lures and legitimate email services to redirect victims to attacker-controlled domains and steal authentication tokens.

#phishing #credential theft #threat intelligence #multi-stage attack
