InfoQ

Attacker Bought 30 WordPress Plugins on Flippa and Backdoored All of Them

Steef-Jan Wiggers — Wed, 06 May 2026 10:00:00 GMT

An attacker purchased 30+ WordPress plugins on Flippa for six figures, planted a PHP deserialization backdoor in the first commit, and waited eight months before activating it across 400,000 installations. The attack used Ethereum smart contracts to resolve C2. WordPress.org has no mechanism for reviewing plugin ownership transfers, a gap that npm and PyPI addressed years ago.

By Steef-Jan Wiggers

Google New TPU Generation is Specifically Designed for Agents and SOTA Model Training

Sergio De Simone — Wed, 06 May 2026 10:00:00 GMT

Google has unvelied a new generation of Tensor Processing Units (TPUs), featuring two specialized chips designed to accelerate model training and agent workflows, which require continuous, multi-step reasoning, and action loops distributed across multiple models. The new TPUs deliver better performance, memory, and energy efficiency, the company says.

By Sergio De Simone

Article: Beyond the Benchmark: A Metrics-Driven Approach to Sustained iOS Performance on Real Devices

Vasuki Uday Kiran Vudathala — Wed, 06 May 2026 09:00:00 GMT

iOS performance engineering often defaults to a mental model where performance is a property of a component. Performance is instead an emergent behavior of the interaction between application code, device hardware, OS resource management, network conditions, and user behavior patterns over time. This article gives a direct, first-party path to capturing performance issues using Xcode Instruments.

By Vasuki Uday Kiran Vudathala

Grafana's Kubernetes Monitoring Helm Chart v4 Brings Multiple Fixes

Matt Saunders — Wed, 06 May 2026 07:00:00 GMT

Grafana Labs has released version 4 of its Kubernetes Monitoring Helm chart, describing it as the most significant update the chart has received since its introduction. The release, announced in April 2026 by Pete Wall and Beverly Buchanan, addresses a range of configuration problems that had accumulated as users scaled to larger and more complex deployments.

By Matt Saunders

Inside Claude Code Auto Mode: Anthropic’s Autonomous Coding System with Human Approval Gates

Leela Kumili — Tue, 05 May 2026 14:38:00 GMT

Anthropic has introduced auto mode in Claude Code, enabling multi-step software development workflows with reduced manual intervention. The feature combines automated execution with layered safety mechanisms, including input filtering, action evaluation, and two-stage classification, while maintaining human approval checkpoints for sensitive operations.

By Leela Kumili

Presentation: How Netflix Shapes our Fleet for Efficiency and Reliability

Joseph Lynch, Argha C — Tue, 05 May 2026 14:00:00 GMT

The speakers explain the inherent tension between service efficiency and reliability at Netflix's global scale. They share a mental model for "risk-adjusted net value," moving beyond simple CPU utilization to focus on capacity buffers. They discuss hardware shaping, proactive traffic steering, and reactive levers like "hammers" and prioritized load shedding to protect critical playback.

By Joseph Lynch, Argha C

GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis

Craig Risi — Tue, 05 May 2026 12:00:00 GMT

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and validators directly through "models-as-data," a move that simplifies how teams extend security analysis across their codebases.

By Craig Risi

Mistral Adds Remote Agents and Work Mode to Le Chat

Daniel Dominguez — Tue, 05 May 2026 10:08:00 GMT

Mistral has released Mistral Medium 3.5, a 128-billion parameter model designed to handle instruction following, reasoning, and coding within a single system, and introduced new cloud-based agent capabilities in its Vibe and Le Chat products.

By Daniel Dominguez

Article: Three Pillars of Platform Engineering: a Virtuous Cycle

Pratik Agarwal — Tue, 05 May 2026 09:00:00 GMT

Platform engineering succeeds when reliability and ergonomics reinforce each other rather than compete. This article explores three foundational pillars: automated reliability, developer ergonomics, and operator ergonomics. Together, they establish a virtuous cycle that strengthens system stability, reduces operational burden, and empowers teams to scale infrastructure with confidence.

By Pratik Agarwal

Figma Builds In-House Redis Proxy to Hit Six Nines Uptime

Matt Saunders — Tue, 05 May 2026 07:00:00 GMT

Figma has published a detailed account of how it built an in-house Redis proxy service called FigCache, replacing a fragmented caching stack that had become a liability for site availability. The system, described in a post by Kevin Lin, has been in production since the second half of 2025 and has delivered what the company describes as six nines of uptime across its caching layer.

By Matt Saunders

Cloudflare Introduces Flagship: an Edge-Native Feature Flag Service Built on OpenFeature

Renato Losio — Tue, 05 May 2026 06:24:00 GMT

Cloudflare recently announced the closed beta of Flagship, a new feature flag service built directly into its global edge platform. The service lets teams control feature rollouts and experiment with changes without redeploying code, while evaluating flags locally in Cloudflare Workers rather than calling external flag services.

By Renato Losio

Cloudflare Processes 10M+ Daily Insights with New Security Overview Dashboard

Leela Kumili — Mon, 04 May 2026 14:33:00 GMT

Cloudflare has launched a Security Overview dashboard that consolidates security signals into prioritized action items. It surfaces millions of daily insights, helping teams identify and remediate critical risks faster. Built on distributed checkers and real-time event processing, it integrates analytics workflows to reduce investigation overhead and improve response efficiency.

By Leela Kumili

Presentation: The Human Scalability Problem: Why Your Teams Don’t Scale Like Your Code

Charlotte de Jong Schouwenburg — Mon, 04 May 2026 12:40:00 GMT

Charlotte de Jong Schouwenburg discusses the "human bottlenecks" of hyper-growth. While systems scale, human cooperation often breaks down due to communication overload and lost context. She shares proven tools for behavioral scalability - including communication architecture and "engineering trust" - to help leaders maintain high-performing, autonomous teams without sacrificing speed or culture.

By Charlotte de Jong Schouwenburg

Article: From Batch to Micro-Batch Streaming: Lessons Learned the Hard Way in a Delta Index Pipeline

Parveen Saini — Mon, 04 May 2026 11:00:00 GMT

This article describes how a production delta-index pipeline migrated from scheduled batch to micro-batch Spark Structured Streaming. It covers why record-level streaming was rejected, how partition-based watermarks replaced fragile S3 completion markers, overlap-window correctness, and restart-as-design strategies for better predictability in object-store–based ingestion systems.

By Parveen Saini

Podcast: Roq: Leveraging Quarkus to Build Static Sites at the Speed of Go

Andy Damevin — Mon, 04 May 2026 11:00:00 GMT

Andy Damevin, a developer who worked on Quarkus for almost a decade, talks about Roq. A project that started as an experiment to try to see if it’s possible to build a static web site generator on top of quarkus. He touches on the rationale for choosing Java and Quarkus, how to migrate to Roq, and the platform's future.

By Andy Damevin