Kubernetes 1.33 EOL: 27 days to upgrade
Kubernetes 1.33 reaches end of life on June 28. No more security patches after that date. If you're on 1.33 or older, you have 27 days to act.
Infrastructure Strategy
Articles in Infrastructure Strategy
CVSS 10.0: Cisco SD-WAN Auth Bypass, Patch Now
CVE-2026-20182: CVSS 10.0 auth bypass in Cisco SD-WAN, exploited by UAT-8616. No credentials needed. Patch now and audit SSH authorized_keys for backdoors.
Switching my entire stack to European services
Wimer Hazenberg migrated his full production stack from US to European cloud services. Here is what moved, what stayed, and the friction at each step.
Replacing SQLite with an FST: 300x smaller (and why it works)
Andrew Quinn replaced a 3 GB SQLite database with a 10 MB FST binary. 300x smaller, same lookups. Here is when FSTs beat SQLite for static lookup data.
Debian 14 blocks packages that fail reproducible builds
Debian 14 is the first distro to hard-gate on reproducible builds. 414 packages are currently blocked from testing. What this means for maintainers and downstream users.
Kubernetes 1.36 DRA: GPU scheduling is production-ready
Kubernetes 1.36 completes DRA's GA story for GPU workloads. We cover device taints, MIG partitioning, and what breaks before you ship this to prod.
Vault 2.0: IBM rebrand of 1.21, rekey automation breaks
Vault 2.0 is IBM rebranding 1.21, not a ground-up rebuild. Three breaking changes to check before upgrading: Azure auth precedence flipped, sys/rekey and two other endpoints now require a token, unauthenticated rekey scripts fail silently.