100 stories from 22 sources
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been…
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersec…
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities…
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabil…
Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCs Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across se…
NIST Launches Centers for AI in Manufacturing and Critical Infrastructure NIST has expanded its collaboration with the nonprofit MITRE Corporation as part of its efforts to ensure U.S. leadership in artificial intellige…
CISA Announces New Town Halls to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure
CISA’s 2025 Year in Review: Driving Security and Resilience Across Critical Infrastructure
CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication
CISA Urges Critical Infrastructure Organizations to Take Action Against Insider Threats
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code executio…
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Verc…
Ingress NGINX: Statement from the Kubernetes Steering and Security Response Committees In March 2026, Kubernetes will retire Ingress NGINX, a piece of critical infrastructure for about half of cloud native environments.…
Kubernetes v1.34: Pods Report DRA Resource Health The rise of AI/ML and other high-performance workloads has made specialized hardware like GPUs, TPUs, and FPGAs a critical component of many Kubernetes clusters. However…
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisti…
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more…
Kubernetes v1.34: Mutable CSI Node Allocatable Graduates to Beta The functionality for CSI drivers to update information about attachable volume count on the nodes , first introduced as Alpha in Kubernetes v1.33, has gr…
Building a Sustainable Metals Infrastructure: NIST Report Highlights Key Strategies Making metals processing more sustainable and resilient will support U.S industrial innovation and competitiveness.
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed deni…
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to commun…
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure…
Towards Energy Impact on AI-Powered 6G IoT Networks: Centralized vs. Decentralized arXiv:2604.19377v1 Announce Type: new Abstract: The emergence of sixth-generation (6G) technologies has introduced new challenges and op…
SPRITE: From Static Mockups to Engine-Ready Game UI arXiv:2604.18591v1 Announce Type: cross Abstract: Game UI implementation requires translating stylized mockups into interactive engine entities. However, current "Scre…
HELM: Harness-Enhanced Long-horizon Memory for Vision-Language-Action Manipulation arXiv:2604.18791v1 Announce Type: cross Abstract: Vision-Language-Action (VLA) models fail systematically on long-horizon manipulation t…
PLaMo 2.1-VL Technical Report arXiv:2604.19324v1 Announce Type: cross Abstract: We introduce PLaMo 2.1-VL, a lightweight Vision Language Model (VLM) for autonomous devices, available in 8B and 2B variants and designed f…
SAGE: Signal-Amplified Guided Embeddings for LLM-based Vulnerability Detection arXiv:2604.19031v1 Announce Type: new Abstract: Software vulnerabilities are a primary threat to modern infrastructure. While static analysi…
API Security Based on Automatic OpenAPI Mapping arXiv:2604.19471v1 Announce Type: new Abstract: This paper presents Map Reduce Graph (MRG), a novel unsupervised method for modeling and securing HTTP REST APIs. MRG learn…
Cyber Risk Scoring with QUBO: A Quantum and Hybrid Benchmark Study arXiv:2512.18305v2 Announce Type: replace-cross Abstract: Assessing cyber risk in complex IT infrastructures poses significant challenges due to the dyn…
Nium taps Coinbase to add USDC into global payments network Nium integrates Coinbase’s infrastructure to enable USDC-based cross-border payments, allowing businesses to settle in fiat or stablecoins without relying on p…
From 80 days to 5: How Banco Bradesco accelerated digital product delivery with HCP Terraform Through policy as code, curated modules, and platform orchestration, Banco Bradesco reduced provisioning time while strengthe…
Stop New York's Attack on 3D Printing New York's proposed 2026-2027 budget currently includes provisions that will require all 3D printers sold in the state to run print-blocking censorware —software that surveils every…
Capacity Efficiency at Meta: How Unified AI Agents Optimize Performance at Hyperscale We’re sharing insights into Meta’s Capacity Efficiency Program, where we’ve built an AI agent platform that helps automate finding an…
Building the foundation for running extra-large language models We built a custom technology stack to run fast large language models on Cloudflare’s infrastructure. This post explores the engineering trade-offs and tech…
Monolithic 3D integration of tantalum pentoxide nonlinear photonics Nature, Published online: 15 April 2026; doi:10.1038/s41586-026-10379-w Monolithic three-dimensional (3D) integration of tantalum pentoxide on a lithiu…
How Drasi used GitHub Copilot to find documentation bugs How Microsoft uses AI agents and Drasi to keep open‑source documentation accurate and working. The post How Drasi used GitHub Copilot to find documentation bugs a…
Harshita Arora Joins YC as General Partner We're thrilled to announce that Harshita Arora is joining Y Combinator as a General Partner. She brings deep fintech and infrastructure experience, a founder's instinct for pro…
KernelEvolve: How Meta’s Ranking Engineer Agent Optimizes AI Infrastructure This is the second post in the Ranking Engineer Agent blog series exploring the autonomous AI capabilities accelerating Meta’s Ads Ranking inno…
Speaking Freely: Jacob Mchangama Interviewer: Jillian York Jacob Mchangama is a Danish lawyer, human-rights advocate, and public commentator. He is the founder and director of Justitia, a Copenhagen-based think tank foc…
LAB3 accelerates cloud modernization with HashiCorp-powered unified workflows LAB3 helps enterprises transition from ticket-driven operations to a unified workflow across infrastructure, security, and networking to acce…
Everything as code for your security lifecycle Solve security and scalability problems through an “as code” approach to infrastructure and security lifecycle management. Learn how Terraform can help you manage secrets a…
Before You Migrate: Five Surprising Ingress-NGINX Behaviors You Need to Know As announced November 2025, Kubernetes will retire Ingress-NGINX in March 2026. Despite its widespread usage, Ingress-NGINX is full of surpris…
Building Day 2 ops guardrails with Terraform and Packer Provisioning infrastructure is only the beginning. Learn how five key Day 2 guardrails for IT operations help keep environments secure and compliant as they change.
Terraform Enterprise 1.2 upgrades workflows, visibility, and brownfield migration Terraform Enterprise 1.2 adds full support for Terraform actions, includes new search and import features, and the Terraform Explorer das…
Microsoft Sovereign Cloud adds governance, productivity and support for large AI models securely running even when completely disconnected As digital sovereignty becomes a strategic requirement, organizations are rethin…
Saving banks from technical debt: How Atruvia built secure, self-service infrastructure Burdened by legacy IT, Atruvia rebuilt its digital core with HashiCorp, automating infrastructure, enforcing compliance, and slashi…
Introducing Node Readiness Controller In the standard Kubernetes model, a node’s suitability for workloads hinges on a single binary "Ready" condition. However, in modern Kubernetes environments, nodes require complex i…
New Conversion from cgroup v1 CPU Shares to v2 CPU Weight I'm excited to announce the implementation of an improved conversion formula from cgroup v1 CPU shares to cgroup v2 CPU weight. This enhancement addresses critic…
Announcing the Checkpoint/Restore Working Group The community around Kubernetes includes a number of Special Interest Groups (SIGs) and Working Groups (WGs) facilitating discussions on important topics between intereste…
Uniform API server access using clientcmd If you've ever wanted to develop a command line client for a Kubernetes API, especially if you've considered making your client usable as a kubectl plugin, you might have wonder…
Kubernetes v1.35: Restricting executables invoked by kubeconfigs via exec plugin allowList added to kuberc Did you know that kubectl can run arbitrary executables, including shell scripts, with the full privileges of th…
Kubernetes v1.35: Mutable PersistentVolume Node Affinity (alpha) The PersistentVolume node affinity API dates back to Kubernetes v1.10. It is widely used to express that volumes may not be equally accessible by all node…
Kubernetes v1.35: New level of efficiency with in-place Pod restart The release of Kubernetes 1.35 introduces a powerful new feature that provides a much-requested capability: the ability to trigger a full, in-place res…
Kubernetes 1.35: Enhanced Debugging with Versioned z-pages APIs Debugging Kubernetes control plane components can be challenging, especially when you need to quickly understand the runtime state of a component or verify…
Kubernetes v1.35: Watch Based Route Reconciliation in the Cloud Controller Manager Up to and including Kubernetes v1.34, the route controller in Cloud Controller Manager (CCM) implementations built using the k8s.io/clou…
Kubernetes v1.35: Introducing Workload Aware Scheduling Scheduling large workloads is a much more complex and fragile operation than scheduling a single Pod, as it often requires considering all Pods together instead of…
Kubernetes v1.35: Kubelet Configuration Drop-in Directory Graduates to GA With the recent v1.35 release of Kubernetes, support for a kubelet configuration drop-in directory is generally available. The newly stable featu…
Kubernetes v1.35: Job Managed By Goes GA In Kubernetes v1.35, the ability to specify an external Job controller (through .spec.managedBy ) graduates to General Availability. This feature allows external controllers to t…
Updated Apple Developer Program License Agreement now available The Apple Developer Program License Agreement has been revised to support new features, updated policies, and to provide clarification. Please review the c…
New requirement for apps using Sign in with Apple for account creation Starting January 1, 2026, developers based in the Republic of Korea must provide a server‑to‑server notification endpoint when registering a new Ser…
Kubernetes v1.34: DRA Consumable Capacity Dynamic Resource Allocation (DRA) is a Kubernetes API for managing scarce resources across Pods and containers. It enables flexible resource requests, going beyond simply alloca…