For more than a decade, the evolution of infrastructure automation has followed a clear trajectory. Organizations have invested in workflows, pipelines, controllers, and compliance engines because the market demanded stronger guarantees around reliability and scale. Outages turned into measurable losses. Small misconfigurations cascaded into systemic failures. Even highly skilled teams struggled to keep pace with […]
Author: drweb
Distributed systems form the backbone of modern large-scale computing, from cloud platforms to distributed databases and large clusters.As a PhD student, you need resources that go beyond the basics, combining strong theoretical foundations with practical insights. And ideally, they should be freely accessible.♥️ Info: Are you AI curious but you still have to create real impactful projects? Join our official AI builder club on Skool (only $5): SHIP! – One Project Per MonthThe following five books are all legally available online at no cost and are well-suited to accompany you through graduate-level research in distributed systems.Distributed Systems (4th Edition) —…
Security that moves fast: Docker’s response to Shai Hulud 2.0 On November 21, 2025, security researchers detected the beginning of what would become one of the most aggressive npm supply chain attacks to date. The Shai Hulud 2.0 campaign compromised over 25,000 GitHub repositories within 72 hours, targeting packages from major organizations including Zapier, ENS Domains, PostHog, and Postman. The malware’s self-propagating design created a…
Shift-left observability makes monitoring a modular, built-in part of DevOps—improving reliability, cost efficiency, and visibility across modern cloud-native systems.
On November 21, 2025, security researchers detected the beginning of what would become one of the most aggressive npm supply chain attacks to date. The Shai Hulud 2.0 campaign compromised over 25,000 GitHub repositories within 72 hours, targeting packages from major organizations including Zapier, ENS Domains, PostHog, and Postman. The malware’s self-propagating design created a compounding threat that moved at container speed, not human speed. This variant executed during npm’s preinstall phase, harvesting developer credentials, GitHub tokens, and cloud provider secrets before packages even finished installing. Stolen credentials appeared in public GitHub repositories labeled “Sha1-Hulud: The Second Coming,” creating a…
I was a big fan of Coil back when it existed. The surface story of Coil was it was a browser extension you could install and you’d hook it up to an “online wallet” (with currency in it). Then websites could put a (or ?) tag on their website that was essentially a public key to their online wallet. You’d tell Coil how much money you were good for and it would sprinkle out your funds automatically to sites you visited that had this set up. It was a little “thanks for making a website that I visit, here’s a…
“Dave: Open the pod bay doors, HAL.HAL: I’m sorry, Dave. I’m afraid I can’t do that.Dave: What’s the problem?HAL: I think you know what the problem is just as well as I do.”— Arthur C. Clarke & Stanley Kubrick, 2001: A Space Odyssey (1968) (2025-Nov-24) Having a real conversation with Power BI is not a novel idea. Its ‘Q&A’ feature has been available for the past 10 years, allowing users to type questions in natural language and attempt to retrieve data-driven results and visuals from existing datasets. This feature was first introduced back in 2013 and gradually improved over time, becoming a solid…
AI agents are moving from novelty to necessity in software delivery—and with that shift, the developer’s role is changing. Emilio Salvador, vice president of strategy and developer relations for GitLab, explores what happens when every engineer works alongside a small “team” of agents: some personal, some shared across squads, and others assigned to specific lifecycle […]
Redgate acquired a data modeling tool from Vertabelo recently and I wanted to explore how it works. This is a short look at this tool and how it might be useful in working with databases.A Simple LayoutThe tool is a cloud tool, designed to work in a browser. This negates the need to install anything, but this also means you need to be connected to the Internet to use it. Once you get past the licensing (I won’t show this), you have a basic screen that looks like this:There isn’t much to see and this doesn’t feel that intuitive to…
Outcome-based engineering teams focus on delivering real customer and business impact, aligning goals, adapting quickly, and collaborating across roles to drive results.