BRIEF: OpenTofu 1.12.1 patches multiple SSH vulnerabilities in the underlying golang.org/x/crypto library, including hangs, panics, and a cert revocation bypass. All v1.12.0 users should upgrade.
BRIEF: Prometheus 3.12.0 (released May 28) patches two security issues: STACKIT service discovery exposed credentials in plaintext via the config endpoint, and remote write receivers had no limit on snappy decompression size.
HOT TAKE: Kubernetes 1.33 reaches end of life on June 28. No more security patches after that date. If you're on 1.33 or older, you have 27 days to act.
DEEP DIVE: Azure Linux 4.0 is Microsoft's first Fedora-based general-purpose server distro, released into public preview on Azure VMs. Here's what it means for teams running Linux in production — and why Microsoft now wants to own the OS layer, not just host it.
DEEP DIVE: IBM and Red Hat launched Project Lightwell backed by $5B and Anthropic's Mythos AI model, which flagged 23,000 potential vulnerabilities across 1,000+ open source projects. Here's what the numbers actually mean and what to do before the disclosures land.
HOT TAKE: Over 160 npm packages were backdoored with valid SLSA Build Level 3 attestations. The trust model for GitHub Actions is broken -- here is what to fix.
BRIEF: Wimer Hazenberg migrated his full production stack from US to European cloud services. Here is what moved, what stayed, and the friction at each step.
BRIEF: Forgejo is a self-hosted Git forge with a GitHub-compatible API. Here is what the migration actually involves and why self-hosted git is a real choice again.
HOT TAKE: ingress-nginx went EOL in March 2026. No security patches, no CVE fixes. 50% of Kubernetes clusters still run it. Time to move to Gateway API.
DEEP DIVE: Single-agent prompts collapse under their own weight. How to design Claude Code agent teams that hold up: org chart first, profiles second, budget last.
HOT TAKE: The shift to internal developer platforms and AIOps is real. The reason DevOps engineers are angry about it is worth looking at honestly.