https://www.infoq.com InfoQ DevOps News feed https://www.infoq.com/news/2026/04/cncf-kusari-security/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/04/cncf-kusari-security/en/headerimage/generatedHeaderImage-1775306473905.jpg"/><p>The Cloud Native Computing Foundation (CNCF) and Kusari have announced a new collaboration aimed at strengthening software supply chain security across cloud-native projects, providing free access to Kusari's AI-powered security tooling for CNCF-hosted projects.</p> <i>By Craig Risi</i> Cloud Security Software Supply Chain Cloud Native Computing Foundation DevOps news Fri, 10 Apr 2026 12:00:00 GMT https://www.infoq.com/news/2026/04/cncf-kusari-security/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Craig Risi 2026-04-10T12:00:00Z /news/2026/04/cncf-kusari-security/en https://www.infoq.com/news/2026/04/github-actions-custom-runners/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/04/github-actions-custom-runners/en/headerimage/generatedHeaderImage-1775640141930.jpg"/><p>GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview phase that started back in October behind them. This feature will enable teams to use a GitHub-approved base image and then construct a virtual machine image that really meets their workflow requirements.</p> <i>By Claudio Masolo</i> github GitHub Actions DevOps news Wed, 08 Apr 2026 14:00:00 GMT https://www.infoq.com/news/2026/04/github-actions-custom-runners/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Claudio Masolo 2026-04-08T14:00:00Z /news/2026/04/github-actions-custom-runners/en https://www.infoq.com/news/2026/04/istio-ai-multicluster/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/04/istio-ai-multicluster/en/headerimage/generatedHeaderImage-1775305820792.jpg"/><p>The Cloud Native Computing Foundation (CNCF) has announced a major evolution of Istio, introducing new capabilities aimed at making service meshes “future-ready” for AI-driven workloads.</p> <i>By Craig Risi</i> Artificial Intelligence Istio Cloud Native Computing Foundation DevOps news Tue, 07 Apr 2026 12:00:00 GMT https://www.infoq.com/news/2026/04/istio-ai-multicluster/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Craig Risi 2026-04-07T12:00:00Z /news/2026/04/istio-ai-multicluster/en https://www.infoq.com/news/2026/04/trivy-supply-chain-attack/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/04/trivy-supply-chain-attack/en/headerimage/generatedHeaderImage-1774788388998.jpg"/><p>A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses in software supply chain security, after maintainers confirmed that a malicious release was briefly distributed to users.</p> <i>By Craig Risi</i> Incident Response Cloud Security Open Source DevOps news Fri, 03 Apr 2026 12:00:00 GMT https://www.infoq.com/news/2026/04/trivy-supply-chain-attack/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Craig Risi 2026-04-03T12:00:00Z /news/2026/04/trivy-supply-chain-attack/en https://www.infoq.com/news/2026/04/cloudflare-dynamic-workers-beta/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/04/cloudflare-dynamic-workers-beta/en/headerimage/generatedHeaderImage-1774813294233.jpg"/><p>Cloudflare has released Dynamic Worker Loader into open beta, offering V8 isolate-based sandboxing for AI-generated code execution. The company claims isolates start in milliseconds, using megabytes of memory, making them roughly 100x faster and up to 100x more memory-efficient than containers. The feature builds on Cloudflare's Code Mode approach.</p> <i>By Steef-Jan Wiggers</i> Serverless Artificial Intelligence Performance Cloudflare Cloud FaaS Development Architecture & Design DevOps news Wed, 01 Apr 2026 10:11:00 GMT https://www.infoq.com/news/2026/04/cloudflare-dynamic-workers-beta/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Steef-Jan Wiggers 2026-04-01T10:11:00Z /news/2026/04/cloudflare-dynamic-workers-beta/en https://www.infoq.com/news/2026/03/litellm-supply-chain-attack/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/03/litellm-supply-chain-attack/en/headerimage/litellm-supply-chain-attack-1774987285804.jpeg"/><p>Discovered by FutureSearch researcher Callum McMahon, a supply chain attack against LiteLLM on PyPI resulted in over 40 thousand downloads of a compromised version that installed a malicious payload capable of harvesting and exfiltrating sensitive information. LiteLLM is downloaded roughly 3 million times per day.</p> <i>By Sergio De Simone</i> Security Vulnerabilities Python Security Software Supply Chain Open Source Development Architecture & Design AI, ML & Data Engineering DevOps news Tue, 31 Mar 2026 21:00:00 GMT https://www.infoq.com/news/2026/03/litellm-supply-chain-attack/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Sergio De Simone 2026-03-31T21:00:00Z /news/2026/03/litellm-supply-chain-attack/en https://www.infoq.com/news/2026/03/agentic-engineering-patterns/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/03/agentic-engineering-patterns/en/headerimage/generatedHeaderImage-1774683224857.jpg"/><p>Paul Duvall recently discussed his library of engineering patterns for AI assisted development and practices that ground high quality delivery. Related discussions from Paul Stack and Gergely Orosz highlight a shift toward remixing and specification driven development.</p> <i>By Rafiq Gemmail</i> AI Assisted Coding Development Culture & Methods AI, ML & Data Engineering DevOps news Tue, 31 Mar 2026 20:30:00 GMT https://www.infoq.com/news/2026/03/agentic-engineering-patterns/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Rafiq Gemmail 2026-03-31T20:30:00Z /news/2026/03/agentic-engineering-patterns/en https://www.infoq.com/news/2026/03/kubernetes-observability/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/03/kubernetes-observability/en/headerimage/generatedHeaderImage-1774787835389.jpg"/><p>As adoption of Kubernetes autoscalers like Karpenter accelerates, a new set of platform-agnostic observability practices is emerging, shifting focus from traditional infrastructure metrics to deeper insights into provisioning behavior, scheduling latency, and cost efficiency.</p> <i>By Craig Risi</i> Kubernetes Observability DevOps news Tue, 31 Mar 2026 12:00:00 GMT https://www.infoq.com/news/2026/03/kubernetes-observability/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Craig Risi 2026-03-31T12:00:00Z /news/2026/03/kubernetes-observability/en https://www.infoq.com/news/2026/03/cloudflare-api-vulnerability/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/03/cloudflare-api-vulnerability/en/headerimage/generatedHeaderImage-1774878962304.jpg"/><p>Cloudflare has announced the open beta of its Web and API Vulnerability Scanner. This Dynamic Application Security Testing (DAST) tool is part of the API Shield platform.</p> <i>By Claudio Masolo</i> Security Vulnerabilities Edge Cloud Security API DevOps news Tue, 31 Mar 2026 09:00:00 GMT https://www.infoq.com/news/2026/03/cloudflare-api-vulnerability/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Claudio Masolo 2026-03-31T09:00:00Z /news/2026/03/cloudflare-api-vulnerability/en https://www.infoq.com/news/2026/03/ai-agency-team-topologies/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/03/ai-agency-team-topologies/en/headerimage/header-1774737099411.jpeg"/><p>At QCon London 2026, Matthew Skelton argued that AI success depends on organisational maturity. He highlighted bounded agency, security, and stewardship as key to managing AI agents. By using Innovation and Practices Enabling Teams, companies can drive knowledge diffusion and optimise internal processes to see real-world returns on their AI investments.</p> <i>By Mark Silvester</i> Artificial Intelligence Strategy Team Collaboration Development Architecture & Design Culture & Methods DevOps news Tue, 31 Mar 2026 08:00:00 GMT https://www.infoq.com/news/2026/03/ai-agency-team-topologies/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Mark Silvester 2026-03-31T08:00:00Z /news/2026/03/ai-agency-team-topologies/en https://www.infoq.com/news/2026/03/kubevirt-18-announcement/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news <img src="https://res.infoq.com/news/2026/03/kubevirt-18-announcement/en/headerimage/generatedHeaderImage-1774805714409.jpg"/><p>Version 1.8 of KubeVirt was announced at KubeCon + CloudNativeCon Europe 2026. The release is aligned with Kubernetes v1.35, and the most significant addition is a Hypervisor Abstraction Layer (HAL) that allows the project to use backends other than KVM. In an announcement post on the CNCF blog, the maintainers announced the new release, broken down by their SIGs.</p> <i>By Matt Saunders</i> Kubernetes Virtual Machines DevOps news Tue, 31 Mar 2026 07:00:00 GMT https://www.infoq.com/news/2026/03/kubevirt-18-announcement/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=DevOps-news Matt Saunders 2026-03-31T07:00:00Z /news/2026/03/kubevirt-18-announcement/en