Git 2.55, Linux 7.2-rc1, and a real RSA key vulnerability in the wild — a quieter news day with a few sharp edges worth your attention.
// SECURITY FOCUS
Weak RSA keys with sparse bit patterns found in real-world Certificate Transparency logs
This isn’t a theoretical attack — Trail of Bits found factorably weak RSA keys in actual CT logs, TLS/SSH scans, and PGP keystores, meaning keys are already out there that can be broken. The badkeys project now checks for this pattern; if you manage a PKI or issue certs programmatically, your key generation path may be producing sparse keys without you knowing it. Run your existing public keys through badkeys before assuming you’re clean.
What to do: Run your org’s public keys through the badkeys tool this week and audit any programmatic RSA key generation for insufficient entropy or biased bit patterns.
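As an added illustration of the kind of screen the paragraph above asks for, the following Python is a statistical pre-check for RSA moduli whose bit patterns look non-random. It is not the badkeys project's own logic, and the thresholds and the sample moduli are constructed for this example; a modulus it flags is one to hand to badkeys and, if confirmed, rotate.

```python
"""
Heuristic screen for RSA public moduli whose bit patterns look non-random
(sparse keys with far too few set bits, or very long runs of identical bits).
Added example for this newsletter; not the badkeys project's check. A flagged
key should be run through badkeys and, if confirmed weak, rotated.
"""
import math
import random

# Thresholds are assumptions chosen for this example, not values from badkeys.
HAMMING_Z_LIMIT = 6.0   # |weight - n/2| measured in binomial std devs, sqrt(n)/2
RUN_FACTOR = 3.0        # flag a run of identical bits longer than RUN_FACTOR * log2(n)


def parse_modulus(text: str) -> int:
    """Accept a bare hex string or the 'Modulus=HEX' line printed by
    `openssl rsa -pubin -in key.pem -noout -modulus`."""
    text = text.strip()
    if text.upper().startswith("MODULUS="):
        text = text.split("=", 1)[1]
    return int(text, 16)


def longest_run(n: int) -> int:
    """Length of the longest run of identical bits in n's binary expansion."""
    bits = bin(n)[2:]
    best = cur = 1
    for prev, b in zip(bits, bits[1:]):
        cur = cur + 1 if b == prev else 1
        best = max(best, cur)
    return best


def screen_modulus(n: int) -> dict:
    """Return simple bit-pattern statistics and whether any look anomalous."""
    bitlen = n.bit_length()
    weight = bin(n).count("1")
    # For a uniformly random bitlen-bit integer, weight ~ Binomial(bitlen, 1/2).
    z = abs(weight - bitlen / 2) / (math.sqrt(bitlen) / 2)
    run = longest_run(n)
    run_limit = RUN_FACTOR * math.log2(bitlen)
    reasons = []
    if z > HAMMING_Z_LIMIT:
        reasons.append(f"hamming weight {weight}/{bitlen} (z={z:.1f})")
    if run > run_limit:
        reasons.append(f"run of {run} identical bits (limit {run_limit:.0f})")
    if n % 2 == 0:
        reasons.append("even modulus")
    return {"bits": bitlen, "weight": weight, "z": z, "longest_run": run,
            "suspicious": bool(reasons), "reasons": reasons}


# Constructed sample inputs (not real keys from any log or scan).
_rng = random.Random(20260629)
HEALTHY = _rng.getrandbits(2048) | (1 << 2047) | 1   # random-looking odd 2048-bit modulus
SPARSE = (1 << 2047) | (1 << 1024) | 1               # only three bits set

if __name__ == "__main__":
    for name, n in (("healthy", HEALTHY), ("sparse", SPARSE)):
        r = screen_modulus(n)
        verdict = "SUSPICIOUS: " + "; ".join(r["reasons"]) if r["suspicious"] else "ok"
        print(f"{name}: {r['bits']} bits, weight {r['weight']}, "
              f"longest run {r['longest_run']} -> {verdict}")
```

To screen a real key, feed the `Modulus=...` line from `openssl rsa -pubin -in key.pem -noout -modulus` into `parse_modulus` and pass the result to `screen_modulus`. The z-score catches moduli with grossly biased bit counts and the run-length check catches structured patterns that a weight test alone would miss; a clean result here is not proof of a sound key, which is why badkeys remains the authoritative check.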
- Git 2.55 ships Rust enabled by default, fsmonitor for Linux, and git history fixup — Phoronix · Jun 29
Git 2.55 ships with Rust support enabled by default at build time – previously opt-in, now opt-out via NO_RUST – though it won’t become mandatory until Git 3.0 or later. The release also adds a git history fixup workflow that merges staged changes directly into an older commit without requiring an interactive rebase, though the git history sub-command remains experimental. Incremental multi-pack index repacking gets further improvements as well. For most distro packagers and CI pipelines building Git from source, expect a Rust toolchain dependency to land quietly unless they explicitly opt out.
- Linux 7.2-rc1 on Threadripper: I/O improvements, faster poll, and some regressions — Phoronix · Jun 29
Early benchmarks of Linux 7.2-rc1 against Linux 7.1 stable on a 96-core AMD Ryzen Threadripper PRO 9995WX show measurable I/O improvements and faster poll performance, alongside some regressions. Testing used a consistent Kconfig across both builds on the same hardware – 4×32 GB DDR5-6400, a 2 TB Corsair MP700 PRO NVMe SSD – so the delta is reasonably clean. Linux 7.2 stable is expected in August and will ship with Ubuntu 26.10 and Fedora 45. The article doesn’t quantify the improvements or regressions numerically in the extracted text, so check the full Phoronix benchmark tables before drawing conclusions about whether the I/O gains outweigh the regressions on your workload.
- Kubernetes documents its AI policy: code generation is fast, maintenance isn’t — LWN.net · Jun 29
The Kubernetes project has published a formal AI policy after repeated PRs derailed into arguments about AI usage. The core tension it addresses: AI makes generating code fast but hasn’t improved the maintenance burden that follows. Contributors must disclose when AI tools helped produce a contribution, but can’t list an LLM as co-author or add ‘assisted-by’ / ‘co-developed’ git trailers. It’s a pragmatic stance – the project isn’t banning AI-assisted contributions, it’s just insisting humans stay accountable for what they submit.
- Lessons learned running over 1 million Lambda functions in a multi-account SaaS platform — AWS Architecture · Jun 29
ProGlove runs a one-AWS-account-per-tenant SaaS platform with over 1 million Lambda functions spread across thousands of customer accounts, and this post walks through what broke at each order of magnitude. The per-account model pays off in quota isolation – each tenant gets independent Lambda concurrency limits and API Gateway throttles, so a noisy tenant can’t cascade failures to others – but it forces you to treat per-account fixed costs with the same scrutiny as compute. Their biggest surprises: synchronized cron schedules across thousands of accounts produced self-inflicted DDoS traffic against internal APIs (fixed with mandatory jitter in a shared library), and observability forwarding nearly doubled the cloud bill until they triaged high vs. low priority telemetry and brought per-account cost from $3 down to roughly $0.70. At scale, SQS polling between EventBridge and Lambda added up enough that they removed the queue entirely, replacing it with metric-driven safety checks on AsyncEventsDropped and concurrent executions. CloudFormation StackSets also hit a performance ceiling at this volume, which led to direct collaboration with the AWS CloudFormation team to influence stability fixes rather than building a full replacement.
- bcachefs targets first Rust code inside the kernel module with v1.38.7 — LWN.net · Jun 29
The Linux 7.2 merge window closed at 13,412 non-merge commits – the busiest since 6.7 in 2024 – and among the highlights is bcachefs moving Rust from userspace tooling into the kernel module itself, one of the first filesystem drivers to do so outside the driver abstractions layer.
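The ProGlove Lambda item above names mandatory schedule jitter as the fix for thousands of accounts firing the same cron job at the same second. As an added example (not ProGlove's shared library, and with tenant ids, window size and thresholds constructed for the illustration), here is one way to derive a stable per-tenant offset so that each account lands in its own slot without any cross-account coordination:

```python
"""
Deterministic per-tenant jitter for fleet-wide schedules.
Added example of the technique named in the ProGlove item; not their code.
The tenant ids below are constructed 12-digit strings, not real AWS accounts.
"""
import hashlib
from collections import Counter


def jitter_offset(account_id: str, window_seconds: int) -> int:
    """Stable offset in [0, window_seconds) derived from the account id.
    Hashing (rather than random.random) means every deployment of the same
    tenant picks the same slot, so the spread survives redeploys and restarts."""
    digest = hashlib.sha256(account_id.encode("utf-8")).digest()
    return int.from_bytes(digest[:8], "big") % window_seconds


def peak_concurrency(account_ids, window_seconds: int, jittered: bool) -> int:
    """Largest number of accounts whose job fires in the same second of the window."""
    if jittered:
        slots = Counter(jitter_offset(a, window_seconds) for a in account_ids)
    else:
        slots = Counter(0 for _ in account_ids)   # unjittered: everyone fires at :00
    return max(slots.values())


# Constructed tenant ids shaped like AWS account ids (not real accounts).
TENANTS = [f"{100000000000 + i:012d}" for i in range(2000)]
WINDOW = 300  # spread a job scheduled on the five-minute mark across the next five minutes

if __name__ == "__main__":
    print("peak calls/second without jitter:", peak_concurrency(TENANTS, WINDOW, False))
    print("peak calls/second with jitter:   ", peak_concurrency(TENANTS, WINDOW, True))
```

The unjittered case produces a single spike equal to the fleet size; hashing into a 300-second window brings the peak down to a handful per second, which is the load profile the downstream internal API actually has to be sized for.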
// In other news
ai
- Import AI 463: Self-improving robots; a 10k Chinese GPU cluster; and an elegiac essay for the human era (Import AI) · Jun 29 — Import AI 463 covers a 10k-GPU Chinese training cluster, self-improving robotics research, and a broader essay on what the current transition period actually means for engineering work.
- Ornith-1.0: Self-Scaffolding LLMs for Agentic Coding (Simon Willison) · Jun 29 — Ornith-1.0 is a new MIT-licensed open-weights model designed to self-scaffold agentic coding tasks, worth watching as a local-runnable alternative to hosted coding agents.
- Quoting Jon Udell (Simon Willison) · Jun 28 — Jon Udell argues that AI agents producing unreviewable PRs are a workflow antipattern – keep a human in the loop at diff review time, not just at prompt time.
- AI agents are not your “coworkers” (MIT Technology Review AI) · Jun 29 — MIT Tech Review pushes back on the ‘AI coworker’ framing – agents lack accountability structures that make human colleagues manageable, which matters when you’re assigning them real write access.
cloud
- The Bear Necessities: A Look at the Drivers, Dynamics, and Applications of the Pro-Russia Influence Ecosystem (Google Cloud Blog) · Jun 29 — Google Threat Intelligence maps the operational structure of the pro-Russia influence ecosystem, naming specific actors and infrastructure patterns useful for detection and attribution work.
- What the June 2026 Threat Technique Catalog update means for your AWS environment (AWS Security) · Jun 29 — AWS CIRT’s June 2026 threat technique catalog update documents attack patterns the team repeatedly sees in real incidents – concrete detection guidance for AWS defenders.
- Scaling Network Analysis for Fraud Prevention with BigQuery Graph (Google Cloud Blog) · Jun 29 — Curve ran fraud-ring detection on BigQuery Graph, using graph traversal to find connected-account clusters that flat SQL queries missed – concrete case study with architecture detail.
iac
- What’s new in Git 2.55.0? (GitLab) · Jun 29 — GitLab’s breakdown of Git 2.55.0 highlights the notable changes in plain terms – useful companion to the raw release notes when evaluating whether to roll it out.
k8s
- OTel and mesh-derived metrics: A 2026 reference (CNCF Blog) · Jun 29 — 2026 reference guide on combining OTel pipeline metrics with service-mesh-derived east-west traffic metrics – useful if you have OTel instrumentation but no visibility into inter-service calls.
- etcd-operator joins Cozystack with a new v1alpha2 API (CNCF Blog) · Jun 29 — etcd-operator donated to Cozystack ships a ground-up v1alpha2 API rewrite – worth reviewing if you run etcd clusters on Kubernetes before any automated upgrade tooling targets the new API.
linux
- Git 2.55.0 released (LWN.net) · Jun 29 — Git 2.55.0 is out with contributions from 100 people, 33 of them first-timers – check LWN for the feature breakdown before deciding whether to upgrade your CI runners.
- [$] Xsnow “protestware” in Debian (LWN.net) · Jun 29 — Xsnow, a Debian-packaged X11 screensaver, embedded protest code that silently activated on certain dates – a concrete example of protestware slipping through distro review.
- ZLUDA v6 Gets PhysX Running Well On AMD GPUs But Loses Commercial Funding (Phoronix) · Jun 29 — ZLUDA v6 gets PhysX running well on AMD GPUs but the project has lost its commercial funding, raising questions about long-term maintenance for anyone relying on CUDA compatibility on AMD.
- AMD Linux Patches Introduce New “Low Power” CPU Core Type (Phoronix) · Jun 29 — AMD kernel patches introduce a new ‘Low Power’ core type in the x86 topology code, hinting at heterogeneous CPU designs coming to AMD – relevant for scheduler and power management work.
- Next Bcachefs Release Aims To Include Rust Code In The Kernel Module (Phoronix) · Jun 29 — Bcachefs is targeting its next release to include Rust code inside the kernel module itself, making it one of the first production filesystem drivers to ship Rust in-kernel.
obs
- Call for Contributors: OpenTelemetry for Dart and Flutter (OpenTelemetry) · Jun 29 — OpenTelemetry is actively seeking contributors to build out Dart and Flutter SDKs – if you instrument mobile apps, this is the call to get involved before the API surface solidifies.
- Updated metrics pricing for Elastic Observability: Best-in-class metrics — now cheaper, too! (Elastic Blog) · Jun 29 — Elastic Observability Serverless now prices TSDS-mode metrics at 25% of the standard per-GB rate for both ingest and retention – meaningful cost reduction for high-cardinality metrics workloads.
sec
- The Red Agent POV: Exploiting Broken Object-Level Authorization in an Airline GraphQL API (Wiz Blog) · Jun 29 — Wiz Red Agent exploited a broken object-level authorization flaw in a GraphQL API to expose an entire airline booking database in 15 minutes – concrete BOLA walkthrough with resolver-bypass detail.
- Robot Police Officers (Schneier on Security) · Jun 29 — Schneier flags a June 22 demonstration of a drone capable of disarming suspects as a concrete step toward autonomous enforcement – raises immediate questions about accountability and adversarial misuse.
web
- Everything About the Context Facade (Freek Van der Herten) · Jun 29 — Laravel’s Context facade lets you attach metadata to requests, auto-enrich logs, scope values to closures, and propagate context through queued jobs and scheduled commands – full internals walkthrough.
- Guidelines for Syncing Code From Gutenberg Into WordPress Develop (Make WordPress Core) · Jun 30 — WordPress core changed Gutenberg sync from npm packages to zip downloads during the 7.0 cycle – new guidelines document the updated process for contributors maintaining that bridge.
Stay skeptical, keep your keys sparse-free, and enjoy the long weekend.