On Call Brief – Week of 2026-03-08

2026-03-08 Briefing: 2026-03-08

This week's top stories

1. Policy in Bedrock AgentCore is now GA

  • Category: Community
  • What happened: AWS has announced that Policy in Bedrock AgentCore is now generally available (GA). This feature provides centralized controls for interactions between agents and tools, enhancing security for AI agents. Additionally, Lambda Durable Functions has been introduced, which facilitates the creation of long-running workflows.
  • Worth reading: The GA release of Policy in Bedrock AgentCore could impact how operators manage security and interactions in AI workflows, potentially leading to more secure and manageable deployments. The introduction of Lambda Durable Functions may also streamline the development of complex workflows.
  • Source: readysetcloud.io
2. Accelerate Lambda durable functions development with new Kiro power - AWS

    • Category: Community
    • What happened: AWS has announced the general availability of Policy in Bedrock AgentCore, which enhances security for AI agents by providing centralized controls for agent-tool interactions. Additionally, Lambda Durable Functions have been integrated into Kiro power, facilitating the development of long-running workflows.
    • Worth reading: The introduction of centralized controls in Bedrock AgentCore could significantly improve security practices for teams utilizing AI agents, while the integration of Lambda Durable Functions into Kiro power may streamline the development of complex workflows, impacting how services are orchestrated.
    • Source: readysetcloud.io
3. 👀 Claude Code now runs while you sleep

    • Category: Community
    • What happened: Anthropic's Claude Code AI model has been found to contain 22 security flaws discovered during a two-week assessment period, according to Superhuman's Zain Kahn reporting. The vulnerabilities highlight ongoing security concerns in AI systems that require continuous monitoring and assessment. Meanwhile, a new repository called "Everything Claude Code" has been released by an Anthropic hackathon winner, consolidating ten months of Claude Code optimizations into a deployable system with pre-configured agents and skills. SRE teams running Claude Code implementations should conduct immediate security assessments of their deployments and evaluate whether the consolidated optimization repository addresses any of the identified vulnerabilities before implementation. Organizations should establish regular security review cycles for AI model integrations similar to traditional software security practices.
    • Worth reading: Operators should be aware of the vulnerabilities in AI models like Claude Code, as these flaws could impact the reliability and security of applications utilizing this technology.
    • Sources: Superhuman – Zain Kahn, The Code
4. Production query plans without production data (10 minute read)

    • Category: Community
    • What happened: PostgreSQL 18 introduces new functions and the option `pg_dump --statistics-only` to export and inject production optimizer statistics into non-production databases. This allows for accurate reproduction and testing of production query plans without requiring access to the actual production data.
    • Worth reading: This feature can improve testing and development workflows by allowing teams to simulate production query performance in non-production environments, potentially leading to better optimization and fewer surprises during deployment.
    • Source: TLDR Dev
5. 2026 Cloudflare Threat Report ☁️, Decade of Docker 📦, User Risk Scoring 💯

    • Category: Deep Dive
    • What happened: Cloudflare released their 2026 Threat Report highlighting emerging cybersecurity risks and introducing User Risk Scoring capabilities that proactively assess user behavior patterns to prevent breaches rather than react to incidents after they occur. The report emphasizes proactive security measures for organizations to address significant vulnerabilities expected in the coming years. Additionally, Pulumi has launched a public beta feature enabling users to store Terraform state files directly in Pulumi Cloud, simplifying state management by leveraging Pulumi's cloud infrastructure. SRE teams should review the Cloudflare threat intelligence to update security policies and consider evaluating the Pulumi beta for Terraform state management workflows if currently using both platforms.
    • Takeaway: Operators should be aware of the potential risks outlined in the report, as they may need to adjust their security strategies and tools to mitigate these emerging threats.
    • Sources: TLDR DevOps, TLDR DevOps, TLDR DevOps
6. Claude Code Review (4 minute read)

    • Category: Community
    • What happened: Anthropic has launched Code Review, an AI-powered tool integrated into Claude Code that automatically reviews AI-generated code to identify and explain logical errors in pull requests. This tool is currently available only for enterprise users and integrates with GitHub.
    • Worth reading: The introduction of this tool may help teams manage the increased volume of AI-generated code and reduce potential bugs and security risks in production environments - teams using GitHub may benefit from improved code quality.
    • Source: TLDR Dev
7. Try it here.

    • Category: Community
    • What happened: JetBrains has introduced Air, a new development environment that allows developers to delegate coding tasks to multiple AI agents, including Claude, Codex, and Gemini. These agents operate with context from the codebase and provide changes for review. The environment runs locally with Docker and Git worktree sandboxing.
    • Worth reading: This tool could streamline development workflows by integrating AI assistance, potentially affecting how code is written and reviewed in production environments - teams may need to adapt to using AI tools in their processes.
    • Source: The Code
8. Penguin‑VL: Efficient Vision‑Language Models (GitHub Repo)

    • Category: Community
    • What happened: Tencent AI Lab has released Penguin-VL, a new family of efficient vision-language models that enhance multimodal efficiency by redesigning the vision encoder. It features the Penguin-Encoder, which is initialized from a text-only LLM to better align visual features with language representations, aiming to improve data-efficient multimodal reasoning.
    • Worth reading: This release may affect teams working on multimodal AI applications, as it provides a new model architecture that could enhance performance in tasks requiring both visual and textual understanding - teams may want to evaluate its applicability in their projects.
    • Source: TLDR AI
9. Copilot Cowork

    • Category: Community
    • What happened: Microsoft has launched Copilot Cowork, an enterprise AI agent that integrates Anthropic's technology into the Microsoft 365 ecosystem. This tool is designed to enhance productivity by executing multi-step tasks across applications like Outlook, Teams, Excel, PowerPoint, and Word, while ensuring compliance and security through Microsoft's Work IQ intelligence layer.
    • Worth reading: This new AI tool could streamline workflows and improve task management within Microsoft 365, potentially affecting how teams collaborate and manage projects.
    • Source: Superhuman – Zain Kahn
10. Claude Cowork's

    • Category: Community
    • What happened: Microsoft has introduced Copilot Cowork, an enterprise AI agent that utilizes Anthropic's Claude Cowork technology. This tool integrates with Microsoft 365 applications such as Outlook, Teams, Excel, PowerPoint, and Word, enabling multi-step task execution while ensuring compliance with enterprise security and governance standards.
    • Worth reading: This integration may affect how teams collaborate and manage tasks within Microsoft 365, potentially improving efficiency but also raising concerns about data security and compliance.
    • Source: Superhuman – Zain Kahn

CVE & Security

1. Claude finds Firefox bugs 🐛, Claude Marketplace 🤝, Codex Security 🤖

    • Category: Security / Patch
    • What happened: Anthropic's Claude Opus 4.6 analyzed the Firefox repository and identified 22 new security vulnerabilities, demonstrating AI capabilities in automated bug detection according to reports from TLDR AI and The Code. The vulnerabilities were found through repository analysis rather than exploitation techniques, though specific CVE numbers and affected Firefox versions have not been disclosed in the available reports. SRE teams running Firefox-based infrastructure should monitor Mozilla's security advisories for official vulnerability disclosures and patch information, as these AI-identified issues may lead to upcoming security updates. Organizations should prepare to update Firefox installations once Mozilla validates and addresses these reported vulnerabilities through their standard security release process.
    • Do this Monday: These vulnerabilities could pose security risks to applications and services that depend on Firefox, necessitating prompt updates and patches to mitigate potential exploits.
    • Sources: TLDR AI, TLDR AI, The Code
2. Helm v4.1.1

    • Category: Security / Patch
    • What happened: Helm v4.1.1 is a patch release that includes several bug fixes aimed at improving the user experience. Key changes involve better handling of resource waiting times and slice copying.
    • Do this Monday: Operators using Helm should upgrade to v4.1.1 to benefit from these fixes, which may enhance deployment reliability and reduce waiting times on failed resources.
    • Source: Helm releases
3. 🐛 Codex now finds vulnerabilities

    • Category: Security / Patch
    • What happened: OpenAI's Codex AI coding assistant has introduced new vulnerability detection capabilities that automatically identify security issues in code during the development process, according to reporting from The Code. The enhancement allows Codex to analyze code snippets and flag potential security vulnerabilities in both custom applications and open source software components. SRE teams should evaluate integrating this capability into their CI/CD pipelines to catch security issues before deployment, particularly for teams already using GitHub Copilot or other Codex-powered tools. Organizations should also review their existing static analysis security testing (SAST) tools to determine if Codex's vulnerability detection can supplement or replace current security scanning workflows.
    • Do this Monday: This feature could significantly affect production environments by enabling teams to detect and remediate vulnerabilities earlier in the development lifecycle, potentially reducing the risk of security incidents.
    • Sources: The Code, The Code, The Code (+25 more)
4. Promptfoo is joining OpenAI (2 minute read)

    • Category: Security / Patch
    • What happened: Promptfoo has been acquired by OpenAI and will continue to operate as an open-source platform. The acquisition aims to enhance the security, evaluation, and compliance of AI applications, integrating Promptfoo's technology into OpenAI's infrastructure.
    • Do this Monday: This acquisition may influence how AI applications are tested and deployed, potentially affecting teams that rely on Promptfoo for systematic testing.
    • Source: TLDR AI

Releases

1. Vertex AI API streaming responses misrouted for third-party models - resolved

    • Category: Release
    • What happened: A technical issue in the Vertex AI API caused misrouted responses for certain third-party models during streaming requests, which has now been resolved with fixes and additional monitoring.
    • Do this Monday: This could affect the reliability of AI model responses in production environments if similar issues arise in the future.
    • Source: Google Cloud Security Bulletins
2. stable: Bump version to 3.3.3 on release-3.3 branch (#26752)

    • Category: Release
    • What happened: The Argo CD project has released version 3.3.0 on the release-3.3 branch, indicating updates and potential new features or fixes.
    • Do this Monday: Engineers should review the release notes for changes that may affect existing deployments or require updates.
    • Source: Argo CD releases
3. Packer nightly development builds released for testing and feedback

    • Category: Release
    • What happened: HashiCorp has released nightly builds of Packer, which are development snapshots that may contain new features and bug fixes. These are intended for testing and feedback but are not recommended for production use due to potential instability.
    • Do this Monday: Operators should be cautious with nightly releases as they are not stable and can introduce issues. It's advisable to test these in non-production environments only.
    • Source: Packer releases
4. Google Cloud SecOps SIEM and SOAR Release 6.3.75 with Bug Fixes

    • Category: Release
    • What happened: Google Cloud has announced the rollout of Release 6.3.75 for both SecOps SIEM and SOAR, which includes internal and customer bug fixes.
    • Do this Monday: While this release addresses bug fixes, it does not indicate any major changes or new features that would directly impact production environments. Operators should monitor for any specific issues that may arise from the updates.
    • Source: Google Cloud Release Notes

Also this week

    Community reads

11. Ghostty 1.3.0 (30 minute read)

    • Category: Community
    • What happened: Ghostty 1.3.0 is a significant release that includes hundreds of improvements, bug fixes, and performance optimizations across all platforms.
    • Worth reading: This release may enhance performance and stability, but specifics on changes affecting production environments are not detailed.
    • Source: TLDR
12. Cursor War Time 🧑‍💻, Apple Ultra products 💻, replacing GPL software ⚖️

    • Category: Community
    • What happened: Clerk has released Core version 3 with unspecified changes that may impact authentication and user management functionality for applications currently using previous versions of the Clerk service. Simultaneously, development teams are implementing 80% automated end-to-end test coverage as part of broader quality assurance improvements. SRE teams should review their current Clerk integration dependencies and plan for potential migration testing if using earlier Clerk Core versions. Organizations should also evaluate their current automated testing coverage against the 80% benchmark to identify gaps in their CI/CD pipelines. No specific CVE numbers or security vulnerabilities were mentioned, but authentication service changes typically require careful rollout planning and monitoring.
    • Worth reading: Operators using Clerk for user management should review the release notes for any breaking changes or new features that could impact their applications.
    • Sources: TLDR, TLDR
13. Terminal Use (Website)

    • Category: Community
    • What happened: Terminal Use is a platform offering managed infrastructure for deploying and scaling AI agents, including support for Claude Agent SDK and Codex agents. It features Git-native branching, versioning, and rollback, and focuses on filesystem agents that can read files, execute code, and generate outputs for various applications.
    • Worth reading: This platform could enhance deployment strategies for AI agents, potentially affecting workflows that involve code generation and document processing - operators may need to evaluate integration with existing systems.
    • Source: TLDR Dev

Lightning links

    Human Stories

    Looking at these announcements, what strikes me most is how we're watching the infrastructure world grapple with the same fundamental challenge that's defined our profession for years - how do you maintain control and reliability when you're delegating critical work to something else? Whether it's AWS's new Policy controls in Bedrock AgentCore or PostgreSQL 18's ability to reproduce production query plans without production data, we're seeing the emergence of guardrails and governance layers designed to make delegation safer. The pattern becomes even clearer when you consider Anthropic's Claude Code Review automatically checking AI-generated code and JetBrains Air letting developers hand off entire coding tasks to AI agents - we're essentially building the same kinds of monitoring, validation, and policy enforcement systems for AI that we've spent decades perfecting for distributed systems. The lesson here isn't just technical; it's deeply human. As we hand over more responsibilities to intelligent systems, our role as engineers isn't diminishing - it's evolving toward becoming the architects of trust and the guardians of the boundaries that keep innovation from becoming chaos.

    Also worth reading

    2026 Cloudflare Threat Report ☁️, Decade of Docker 📦, User Risk Scoring 💯 (TLDR DevOps)

    The article discusses GitLab's approach to developing a security control framework from the ground up. It outlines the challenges faced, the methodologies adopted, and the importance of integrating security into the development lifecycle. The piece emphasizes the need for a structured security frame