On Call Brief – Week of June 7–13, 2026
This week's top stories
1. DevOps'ish Newsletter: Red Hat npm Security Breach and Open Source Sabotage
- Category: Community
- What happened: This newsletter discusses various topics including the transition from Kubernetes Dashboard to Headlamp, a significant security breach involving Red Hat Cloud Services npm packages that deployed malware, and a developer embedding harmful code in an open-source library. It also covers Microsoft's response to backlash from security researchers and Florida's lawsuit against OpenAI for allegedly prioritizing profit over safety.
- Worth reading: The Red Hat npm package compromise could lead to credential theft for affected users, necessitating immediate audits of environments using those packages. The Kubernetes Dashboard transition may require teams to adapt to new tools and workflows, impacting operational processes.
- Source: Devopsish via DevOps'ish
2. Cursor violates External-File Protection
- Category: Deep Dive
- What happened: The Cursor IDE has a bug that allows it to read files from the parent directory without user consent, violating external file protection settings. Users expect that the IDE should not access files outside the designated workspace, regardless of the presence of certain files or directories. This issue has rendered the IDE unusable for some users.
- Takeaway: This bug could lead to unintended data exposure if sensitive files are present in the parent directory, impacting user trust and compliance with data protection standards.
- Source: Cursor Forum
3. Rate my Dashboard for Infra Monitoring
- Category: Deep Dive
- What happened: A user shares their Grafana dashboard for monitoring infrastructure, detailing the metrics included such as CPU and memory utilization, disk usage trends, and current resource usage across nodes. They seek feedback and suggestions for improvement as they are new to monitoring.
- Takeaway: Understanding how to effectively monitor infrastructure can lead to better resource management and incident prevention. Feedback on dashboard design can enhance monitoring practices.
- Source: Reddit r/sre
4. Only paid models are displayed in the chat function, making it unusable
- Category: Community
- What happened: Users are experiencing issues with the Cursor IDE where only paid models are displayed in the chat function, rendering it unusable. Attempts to switch models result in errors, and the model switching option is only available briefly after opening a project. The issue seems to be tied to the Composer 2.5 model, which cannot be switched away from, even when trying shortcuts as suggested by support.
- Worth reading: This bug could hinder productivity for teams relying on the Cursor IDE for chat functionalities, especially if they are not on a paid plan.
- Source: Cursor Forum
5. macOS: state.vscdb grew to 12.4 GB and state.
- Category: Deep Dive
- What happened: The Cursor IDE's global state databases on macOS have grown excessively large, with state.vscdb reaching approximately 12.4 GB and its backup at 12.2 GB. This growth is impacting normal development use on a 256 GB MacBook Air. The user is seeking guidance on safe remediation without risking functionality, as prior attempts to modify the database have led to issues with chat loading.
- Takeaway: The excessive size of the global state databases could lead to performance issues on devices with limited storage, affecting development workflows. Operators using Cursor on similar hardware may need to monitor database sizes and seek remediation strategies.
- Source: Cursor Forum
6. Network maintenance in IAD
- Category: Deep Dive
- What happened: An upstream provider will conduct network maintenance affecting a subset of hosts in the IAD region on June 14, 2026, from 04:00 to 12:00 UTC. Users may experience a loss of connectivity for up to 1 hour during this maintenance window.
- Takeaway: Operators should prepare for potential connectivity issues in the IAD region during the maintenance period and plan for possible service disruptions.
- Source: Fly.io Status
7. Bitbucket Cloud - Database Maintenance
- Category: Deep Dive
- What happened: Bitbucket Cloud will undergo scheduled database maintenance on June 13, 2026, from 17:00 to 19:00 UTC, resulting in downtime for all services including the website, Git operations, API requests, and Bitbucket Pipelines.
- Takeaway: Operators should plan for a two-hour downtime during the maintenance window, which will affect all Bitbucket Cloud services.
- Source: Bitbucket Status
8. Cloudflare: 10 scheduled maintenance windows (Newark, Tokyo, Austin, Newark (+6 more))
- Category: Community
- What happened: Cloudflare has scheduled extensive datacenter maintenance across multiple regions from June 8-11, 2026, affecting 10 datacenters including EWR (Newark), NRT (Tokyo), AUS (Austin), ORD (Chicago), CPT (Cape Town), LIS (Lisbon), GVA (Geneva), and CMB (Colombo), with maintenance windows ranging from 2.5 to 16.75 hours per location. Additionally, Cloudflare storage systems will undergo maintenance on June 9 from 12:00 to 13:00 UTC, causing up to 3 minutes of Dashboard and public API unavailability for configuration changes. During all maintenance periods, traffic will be automatically rerouted which may increase latency for end-users in affected regions, particularly impacting customers with Private Network Interconnect (PNI) or Cloudflare Network Interconnect (CNI) connections. Operators should monitor application performance during these windows, prepare for potential latency increases, and consider traffic routing adjustments for mission-critical applications that rely heavily on the affected datacenters. All information sourced from Cloudflare Status announcements.
- Worth reading: Operators should anticipate increased latency and possible traffic rerouting during the maintenance window, which could affect service availability for users in the Newark region.
- Sources: Cloudflare Status, Cloudflare Status, Cloudflare Status (+7 more)
Releases
1. External Secrets Operator Helm Chart v2.6.0 Release
- Category: Release
- What happened: This release introduces version 2.6.0 of the Helm chart for the External Secrets Operator, which facilitates external secrets management in Kubernetes environments.
- Do this Monday: Operators using the External Secrets Operator should consider upgrading to this version for improved functionality and features related to secrets management.
- Source: External Secrets Operator releases
2. SDL_net 3.2.0 is out
- Category: Release
- What happened: SDL_net version 3.2.0 has been released, providing updates and improvements to the library.
- Do this Monday: This release may affect applications using SDL_net for network communication, requiring testing for compatibility with the new version.
- Source: GitHub via Lobsters
- Discussion: https://lobste.rs/s/dmcanq/sdl_net_3_2_0_is_out
3. Can Traefik stay outside Kubernetes and still look in?
- Category: Release
- What happened: A user discusses the possibility of running Traefik outside of a Kubernetes cluster while still routing traffic to services within the cluster. They express concerns about redundancy and the complexity of managing multiple instances of Traefik, especially given their limited Kubernetes experience.
- Do this Monday: Understanding how to configure Traefik for both external and internal services can help streamline traffic management without unnecessary redundancy.
- Source: Reddit r/kubernetes
Lightning links
(No additional items this week.)
Human Stories
Looking across these stories, I'm struck by how the tools we've come to rely on daily are quietly accumulating technical debt and trust issues right under our noses. The Cursor IDE's file access violations and bloated state databases remind me that even our development environments need the same scrutiny we apply to production systems. Meanwhile, the Red Hat npm breach and the mounting infrastructure maintenance windows from IAD to Bitbucket Cloud paint a picture of an ecosystem where convenience often comes at the cost of security and stability. As engineers, we've become incredibly good at monitoring our applications, but perhaps we need to extend that same vigilance to the entire stack we depend on, from our IDEs to our package managers. The dashboard sharing discussion feels refreshingly grounded in this context; sometimes the most valuable work is simply making the invisible visible, whether that's CPU utilization or the hidden risks lurking in our everyday tools.