InfoQ

Google’s TurboQuant Compression May Support Faster Inference, Same Accuracy on Less Capable Hardware

Bruno Couriol — Wed, 15 Apr 2026 16:53:00 GMT

Google Research unveiled TurboQuant, a novel quantization algorithm that compresses large language models’ Key-Value caches by up to 6x. With 3.5-bit compression, near-zero accuracy loss, and no retraining needed, it allows developers to run massive context windows on significantly more modest hardware than previously required. Early community benchmarks confirm significant efficiency gains.

By Bruno Couriol

Presentation: Empower Your Developers: How Open Source Dependencies Risk Management Can Unlock Innovation

Celine Pypaert — Wed, 15 Apr 2026 12:50:00 GMT

Celine Pypaert discusses the ubiquitous nature of open-source software and shares a blueprint for securing modern applications. She explains how to prioritize high-risk vulnerabilities using exploitability data, the role of Software Bill of Materials (SBOM), and the importance of bridging the gap between DevOps and Security through clear accountability and automated governance.

By Celine Pypaert

Zendesk Says AI Makes Code Abundant, Shifting the Bottleneck to “Absorption Capacity”

Eran Stiller — Wed, 15 Apr 2026 12:30:00 GMT

Zendesk argues that GenAI shifts the bottleneck in software delivery from writing code to “absorption capacity”, which is the organisation’s ability to define problems clearly, integrate changes into the wider system, and turn implementation into reliable value. As code becomes abundant, architectural coherence, review capacity, and delivery flow become the main constraints.

By Eran Stiller

Claude Code Used to Find Remotely Exploitable Linux Kernel Vulnerability Hidden for 23 Years

Steef-Jan Wiggers — Wed, 15 Apr 2026 09:36:00 GMT

Anthropic researcher Nicholas Carlini used Claude Code to find a remotely exploitable heap buffer overflow in the Linux kernel's NFS driver, undiscovered for 23 years. Five kernel vulnerabilities have been confirmed so far. Linux kernel maintainers report that AI bug reports have recently shifted from slop to legitimate findings, with security lists now receiving 5-10 valid reports daily.

By Steef-Jan Wiggers

Article: Using AWS Lambda Extensions to Run Post-Response Telemetry Flush

Melvin Philips — Wed, 15 Apr 2026 09:00:00 GMT

At Lead Bank, synchronous telemetry flushing caused intermittent exporter stalls to become user-facing 504 gateway timeouts. By leveraging AWS Lambda's Extensions API and goroutine chaining in Go, flush work is moved off the response path, returning responses immediately while preserving full observability without telemetry loss.

By Melvin Philips

New Rowhammer Attacks on NVIDIA GPUs Enable Full System Takeover

Craig Risi — Tue, 14 Apr 2026 12:00:00 GMT

Security researchers have demonstrated a new class of Rowhammer attacks targeting NVIDIA GPUs that can escalate from memory corruption to full system compromise, marking a significant shift in hardware-level security risks.

By Craig Risi

Anthropic Paper Examines Behavioral Impact of Emotion-Like Mechanisms in LLMs

Robert Krzaczyński — Tue, 14 Apr 2026 11:35:00 GMT

A recent paper from Anthropic examines how large language models internally represent concepts related to emotions and how these representations influence behavior. The work is part of the company’s interpretability research and focuses on analyzing internal activations in Claude Sonnet 4.5 to understand the mechanisms behind model responses better.

By Robert Krzaczyński

Presentation: Platform Engineering: Lessons from the Rise and Fall of eBay Velocity

Randy Shoup — Tue, 14 Apr 2026 11:17:00 GMT

Randy Shoup discusses the "Velocity Initiative," a transformation that doubled engineering productivity and modernized eBay’s DORA metrics. He shares the technical playbook used to scale 4,500 services while explaining why even elite engineering execution can’t save a company hampered by waterfall planning, risk aversion, and a "pathological" culture of fear.

By Randy Shoup

Article: Beyond One-Click: Designing an Enterprise-Grade Observability Extension for Docker

Pragya Keshap — Tue, 14 Apr 2026 09:00:00 GMT

Docker Extensions boost developer speed but create a "visibility gap" by isolating telemetry. To meet enterprise needs, extensions must act as bridges to centralized platforms. This article details how to use OpenTelemetry, policy-as-code, and encryption to build secure pipelines. Learn to balance developer productivity with the governance required for scalable, compliant observability.

By Pragya Keshap

Airbnb Migrates High-Volume Metrics Pipeline to OpenTelemetry

Claudio Masolo — Tue, 14 Apr 2026 08:00:00 GMT

Airbnb's observability engineering team has published details of a large-scale migration away from StatsD and a proprietary Veneur-based aggregation pipeline toward a modern, open-source metrics stack built on OpenTelemetry Protocol (OTLP), the OpenTelemetry Collector, and VictoriaMetrics' vmagent. The resulting system now ingests over 100 million samples per second in production.

By Claudio Masolo

Google Released Gemma 4 with a Focus On Local-First, On-Device AI Inference

Sergio De Simone — Mon, 13 Apr 2026 21:00:00 GMT

With the release of Gemma 4, Google aims to enable local, agentic AI for Android development through a family of models designed to support the entire software lifecycle, from coding to production.

By Sergio De Simone

Lyft Scales Global Localization Using AI and Human-in-the-Loop Review

Leela Kumili — Mon, 13 Apr 2026 13:45:00 GMT

Lyft has implemented an AI-driven localization system to accelerate translations of its app and web content. Using a dual-path pipeline with large language models and human review, the system processes most content in minutes, improves international release speed, ensures brand consistency, and handles complex cases like regional idioms and legal messaging efficiently.

By Leela Kumili

Presentation: Reimagining Platform Engagement with Graph Neural Networks

Mariia Bulycheva — Mon, 13 Apr 2026 13:23:00 GMT

Mariia Bulycheva discusses the transition from classic deep learning to GNNs for Zalando's landing page. She explains the complexities of converting user logs into heterogeneous graphs, the "message passing" training process, and the technical pitfalls of graph data leakage. She shares how a hybrid architecture solved inference latency, delivering contextual embeddings to a downstream model.

By Mariia Bulycheva

Article: The Spring Team on Spring Framework 7 and Spring Boot 4

Mon, 13 Apr 2026 11:00:00 GMT

InfoQ recently spoke with key members of the Spring team about the significant architectural and functional advancements in Spring Framework 7 and Spring Boot 4. This conversation explores the strategic shift toward core resilience by integrating features such as retry and concurrency throttling directly into the framework, alongside the performance benefits of modularizing auto-configurations.

By Karsten Silz, Phil Webb, Sam Brannen, Rossen Stoyanchev, Mark Pollack, Martin Lippert, Michael Minella

Podcast: How SBOMs and Engineering Discipline Can Help You Avoid Trivy’s Compromise

Viktor Peterson — Mon, 13 Apr 2026 11:00:00 GMT

Viktor Peterson, part of the CISA task force working on SBOM blueprints and co-founder of sbomify, explores the shifting landscape of software supply chain security as the EU's Cyber Resilience Act (CRA) comes into force, a "GDPR moment" for the industry.

By Viktor Peterson