Perplexity Computer, Claude Cowork, and AWS security fixes

This week's top stories

1. Perplexity Computer 💻, DeepSeek withholds v4 🐋, Cowork scheduled tasks 💼

• Category: Community
• What happened: DeepSeek has decided to withhold its latest AI model from US chipmakers, including Nvidia, which may impact the availability of advanced AI capabilities for developers and companies relying on these technologies.
• Worth reading: This decision could affect production environments that depend on AI models from DeepSeek, particularly for organizations using Nvidia hardware for AI workloads.
• Source: TLDR AI

2. Claude Cowork updates 💼, KiloClaw agents ⚡, intelligence yield 🧠

• Category: Community
• What happened: The article discusses the concept of security boundaries within agentic architectures, focusing on how these boundaries can be defined and maintained to ensure the integrity and security of systems that utilize intelligent agents. It explores various strategies for implementing these boundaries effectively.
• Worth reading: Understanding security boundaries is crucial for operators working with intelligent systems, as it can help prevent vulnerabilities and ensure robust security measures are in place when deploying agent-based architectures.
• Source: TLDR AI

CVE & Security

1. CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - runc container issues

• Category: Security / Patch
• What happened: AWS has issued a security bulletin regarding three CVEs affecting the runc component of various container management systems. While AWS does not consider containers a security boundary, customers using containers for workload isolation should seek updates from their OS vendors. The affected services include Amazon ECS, EKS, and others.
• Do this Monday: Operators using AWS container services should be aware of these vulnerabilities and ensure that they are applying necessary patches and updates to mitigate risks, especially if they are managing their own container environments.
• Source: AWS Security Bulletins

2. Improper authentication token handling in the Amazon WorkSpaces client for Linux

• Category: Security / Patch
• What happened: A critical vulnerability (CVE-2025-12779) has been identified in the Amazon WorkSpaces client for Linux, affecting versions 2023.0 to 2024.8. This issue involves improper handling of authentication tokens, which could allow unintended local users to access another user's WorkSpace. AWS has communicated with customers regarding the end of support for the affected versions.
• Do this Monday: Operators using the affected versions of the Amazon WorkSpaces client for Linux should update to a secure version to prevent unauthorized access to WorkSpaces by local users.
• Source: AWS Security Bulletins

3. CVE-2025-8069 - AWS Client VPN Windows Client Local Privilege Escalation

• Category: Security / Patch
• What happened: CVE-2025-8069 is a local privilege escalation vulnerability in the AWS Client VPN Windows client that allows non-admin users to execute arbitrary code with root-level privileges during installation. This affects specific versions of the client software.
• Do this Monday: If your organization uses the affected versions of AWS Client VPN on Windows, it is crucial to apply the security patch to prevent potential exploitation of this vulnerability, which could lead to unauthorized access and control over systems.
• Source: AWS Security Bulletins

4. Envoy Proxy: v1.34.11, v1.36.2

• Category: Security / Patch
• What happened: Envoy Proxy has released critical updates in versions 1.34.11 and 1.36.2 to address several security vulnerabilities. Version 1.34.11 resolves issues that could lead to crashes and request smuggling, specifically targeting CVE-2025-64527, CVE-2025-66220, and CVE-2025-64763. Meanwhile, version 1.36.2 addresses CVE-2025-62504, a vulnerability that can cause crashes when Lua filters process large response bodies. It is imperative for operators to upgrade to these versions immediately to mitigate these risks. These updates are detailed in the Envoy Proxy release notes, which should be reviewed for additional context and implementation guidance.
• Do this Monday: Operators using Envoy Proxy should upgrade to v1.34.11 to mitigate risks associated with these vulnerabilities, particularly if JWT authentication or TLS certificate matching is in use.
• Sources: Envoy Proxy releases, Envoy Proxy releases

5. GitLab: 18.6.1, 18.4.2, 18.4.1 (+2 more)

• Category: Security / Patch
• What happened: GitLab has released a series of patch versions, including 18.6.1, 18.5.3, 18.4.5, 18.4.2, 18.3.4, 18.2.8, 18.4.1, 18.3.3, 18.2.7, 18.2.1, 18.1.3, 18.0.5, 18.1.2, 18.0.4, and 17.11.6, to address critical security vulnerabilities affecting both Community and Enterprise Editions. These updates fix high-severity issues such as race conditions, denial of service, cross-site scripting (XSS), and authorization flaws. It is imperative for all operators managing GitLab installations to upgrade to the latest patch versions immediately to mitigate these risks. The security releases have been documented by GitLab Security Releases, emphasizing the urgency of these updates to protect against potential exploits. Failure to apply these patches could expose systems to significant security threats.
• Do this Monday: Failure to upgrade could expose installations to critical vulnerabilities, including potential denial of service and authentication bypass risks. Operators managing GitLab instances should prioritize this upgrade to maintain security.
• Sources: GitLab Security Releases, GitLab Security Releases, GitLab Security Releases (+2 more)

6. DevOps'ish 297: RAM prices, AI impacting stocks, and more

• Category: Security / Patch
• What happened: The latest DevOps'ish newsletter highlights critical updates for SRE and DevOps engineers, focusing on security and infrastructure changes. Ingress NGINX, a popular Kubernetes ingress controller, is set to reach end of life in March 2026, with users urged to migrate to alternative solutions to mitigate security risks. Additionally, the newsletter reports on multiple CVEs affecting Ingress NGINX, which will no longer receive updates after next month, and a targeted attack on Notepad++ by a nation-state actor, emphasizing the need for heightened security vigilance. The discussion also covers the challenges of maintaining zero-CVE container images, with insights from Chainguard and Docker on the limitations of traditional Linux distributions in addressing vulnerability disclosures. For those managing infrastructure costs, the rising prices of RAM are noted as impacting ISP equipment expenses, while the newsletter also explores the implications of AI tools on cybersecurity strategies.
• Do this Monday: Failure to replace Ingress NGINX could lead to unpatched vulnerabilities and potential security breaches in production environments.
• Sources: DevOps'ish, DevOps'ish, DevOps'ish (+1 more)

7. CVE-2025-12815 - RES web portal may display preview of Virtual Desktops that the user shouldn't have access to

• Category: Security / Patch
• What happened: CVE-2025-12815 affects the Research and Engineering Studio (RES) on AWS, allowing authenticated users to potentially view unauthorized desktop session metadata due to an ownership verification issue. This vulnerability is present in versions prior to 2025.09.
• Do this Monday: If your organization uses the Research and Engineering Studio on AWS, it is crucial to upgrade to version 2025.09 or later to mitigate the risk of unauthorized access to sensitive desktop session information.
• Source: AWS Security Bulletins

8. CVE-2025-12829 - Integer Overflow issue in Amazon Ion-C

• Category: Security / Patch
• What happened: CVE-2025-12829 is an integer overflow vulnerability in Amazon Ion-C, affecting versions prior to v1.1.4. This issue could allow attackers to expose sensitive data in memory through crafted data serialization.
• Do this Monday: Operators using affected versions of Amazon Ion-C should prioritize upgrading to v1.1.4 or later to mitigate the risk of sensitive data exposure.
• Source: AWS Security Bulletins

9. Security Findings in SageMaker Python SDK

• Category: Security / Patch
• What happened: Two security vulnerabilities were identified in the SageMaker Python SDK: CVE-2026-1777 exposes HMAC keys via the DescribeTrainingJob API, and CVE-2026-1778 disables SSL certificate verification in the Triton Python backend.
• Do this Monday: These vulnerabilities could allow unauthorized access to sensitive data and compromise the integrity of machine learning models deployed on SageMaker.
• Source: AWS Security Bulletins

10. CVE-2025-66478: RCE in React Server Components

• Category: Security / Patch
• What happened: CVE-2025-66478 has been identified as a potential RCE vulnerability affecting specific versions of React and Next.js. AWS has noted that customers using managed services are not impacted, but those running affected versions in their own environments should update immediately.
• Do this Monday: If you are using React versions 19.0, 19.1, or 19.2, or Next.js versions 15.x or 16.x with App Router, you must update to the latest patched versions to mitigate the risk of unauthorized remote code execution.
• Source: AWS Security Bulletins

11. CVE-2025-11573 - Denial of Service issue in Amazon.IonDotnet

• Category: Security / Patch
• What happened: CVE-2025-11573 identifies a Denial of Service vulnerability in the Amazon.IonDotnet library, affecting versions prior to 1.3.2. The library has been deprecated and will not receive further updates, which means any applications still using it are at risk if they do not migrate to a newer version.
• Do this Monday: If your applications rely on Amazon.IonDotnet versions <1.3.2, they could be vulnerable to denial of service attacks. Immediate action is required to upgrade or replace this library to maintain service availability.
• Source: AWS Security Bulletins

Releases

1. stable: Bump version to 3.3.2 on release-3.3 branch (#26550)

• Category: Release
• What happened: The Argo CD project has released version 3.3.0 on the release-3.3 branch, indicating updates and potential new features or fixes.
• Do this Monday: Engineers should review the release notes for changes that may affect existing deployments or require updates.
• Source: Argo CD releases

2. HashiCorp Releases Nightly Builds of Packer for Testing and Feedback

• Category: Release
• What happened: HashiCorp has released nightly builds of Packer, which are development snapshots that may contain new features and bug fixes. These are intended for testing and feedback but are not recommended for production use due to potential instability.
• Do this Monday: Operators should be cautious with nightly releases as they are not stable and can introduce issues. It's advisable to test these in non-production environments only.
• Source: Packer releases

3. Google Cloud Release 6.3.75: Bug Fixes for SecOps SIEM and SOAR

• Category: Release
• What happened: Google Cloud has announced the rollout of Release 6.3.75 for both SecOps SIEM and SOAR, which includes internal and customer bug fixes.
• Do this Monday: While this release addresses bug fixes, it does not indicate any major changes or new features that would directly impact production environments. Operators should monitor for any specific issues that may arise from the updates.
• Source: Google Cloud Release Notes

Lightning links

• ArgoCD to Flux (Cloud Posse Office Hours) -- Discussed on Cloud Posse Office Hours (DevOps "Office Hours" (2026-02-25))
• Making frontier cybersecurity capabilities available to defenders (Cloud Posse Office Hours) -- Discussed on Cloud Posse Office Hours (DevOps "Office Hours" (2026-02-25))
• CrowdStrike stock hit hard (Cloud Posse Office Hours) -- Discussed on Cloud Posse Office Hours (DevOps "Office Hours" (2026-02-25))

Human Stories

In a rapidly evolving tech landscape, the stories of Perplexity Computer and Claude Cowork remind us that innovation doesn't come without its challenges and responsibilities. DeepSeek withholding its AI model from certain markets underscores the geopolitical undercurrents that can influence technology availability and development. Meanwhile, the security boundaries discussed in KiloClaw agents highlight the ever-present need to safeguard our systems against vulnerabilities. As we navigate these complexities, it's crucial to remain adaptable and vigilant, ensuring that while we push the boundaries of what technology can achieve, we also maintain a strong foundation of security and ethical considerations. In our roles, it's about finding that balance between harnessing cutting-edge advancements and safeguarding the integrity of our systems and data.