DevOps Security News
Security in On Call Brief means the parts that land on the platform and SRE teams: the actively-exploited CVE in a dependency you ship, the supply-chain advisory in your CI, the privilege-escalation bug in a managed service you assumed was someone else's problem. We skip the marketing FUD and focus on what's exploitable, what's patched, and what an operator should do this week.
Each brief below distills the week's security-relevant change — patches, advisories, and incident disclosures — with the operator impact called out plainly. It's vulnerability triage for people who own production, not a threat-intel firehose.
Security in recent briefs
On Call Brief – Week of May 31–June 6, 2026
The 28-Hour Meltdown: What Happened When AWS US-EAST-1 Overheated; Google Cloud Suspends Railway's Production Account; AWS Organizations emits CloudTrail events for account membership changes - Only…
On Call Brief – Week of May 24–30, 2026
DevOps'ish 310: The Breaches Are Coming From Inside the Extension Store; The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under…
On Call Brief – Week of May 17–23, 2026
CISA Credentials, Sensitive Data Exposed in GitHub Repository; GitHub Breach Tied to Malicious VS Code Extension Exposes Thousands of Internal Repositories; Researcher says Microsoft secretly built…
On Call Brief – Week of May 10–16, 2026
EdTech Firm Instructure Pays Ransom as U.S. House Starts Investigation; Instructure Pays Ransom to Canvas Hackers; Cloudflare: 12 Scheduled Maintenance Windows (Network Performance Issues, Los Angeles,…
On Call Brief – Week of May 3–9, 2026
How a Cursor AI agent wiped PocketOS’s production database in under 10 seconds; When DNSSEC goes wrong: how we responded to the .de TLD outage; Argo…
On Call Brief – Week of April 26–May 2, 2026
Microsoft Outlook for iOS still down and out for many after 'service change'; GitHub Faces Scaling Issues as AI Development Surges; China-Backed Groups Are Using Massive…
On Call Brief – Week of April 19–25, 2026
Everyone Wants Servers And Nobody Wants Servers; ingress-nginx to Envoy Gateway migration on CNCF internal services cluster; Cloudflare: 8 Scheduled Maintenance Windows (Sydney, Salt Lake City,…
On Call Brief – Week of 2026-04-12
A guide to the breaking changes in GitLab 19.0; 76 The Cost of Assumptions ⚡; Ashby taught us we have to fight fire with fire
On Call Brief – Week of 2026-04-05
GitHub availability report: March 2026; Another One Bites the Dust: What the CDKTF Deprecation Means for You; Dutch healthcare software vendor goes dark after ransomware attack
On Call Brief – Week of 2026-03-29
Trivy Supply Chain Attack Hits Docker Images in TeamPCP Campaign; Building SRE Error Budgets for AI/ML Workloads: A Practical Framework; LAX (Los Angeles) on 2026-03-30
On Call Brief – Week of 2026-03-22
Another One Bites the Dust: What the CDKTF Deprecation Means for You; Windows Server 2025 SMB SID hardening is beachballing legacy clients; DevOps'ish 301: Super Micro…
On Call Brief – Week of 2026-03-15
Major Breach — McKinsey's Lilli AI system compromised in under two hours, exposing millions of confidential client; Perplexity's Personal Computer system and Mistral's zero-exposure training address…
On Call Brief – Week of 2026-03-08
Policy in Bedrock AgentCore is now GA; Accelerate Lambda durable functions development with new Kiro power - AWS; 👀 Claude Code now runs while you sleep
Bedrock throttling, Google Cloud AI updates, and Packer nightlies
[Last Week in AWS] Issue #460: Bedrock Throttling Guide: AWS Publishes Its Own Roast; What Google Cloud announced in AI this month; What’s new with Google…
Perplexity Computer, Claude Cowork, and AWS security fixes
Perplexity Computer 💻, DeepSeek withholds v4 🐋, Cowork scheduled tasks 💼; Claude Cowork updates 💼, KiloClaw agents ⚡, intelligence yield 🧠; CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - runc…
AWS query controls, Cursor plugins, and Helm v4.1.1
[Last Week in AWS] Issue #460: Bedrock Throttling Guide: AWS Publishes Its Own Roast; [Last Week in AWS] Issue #460: Bedrock Throttling Guide: AWS Publishes Its…
Signal and Hetzner outages, IngressNightmare, and AWS Aurora privilege escalation
Signal Outage [Ongoing]; Hetzner Outage; Privilege Escalation in Aurora PostgreSQL using AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, AWS PGSQL ODBC…