Quiet holiday week, but the kernel mailing list and the FBI both had eventful Wednesdays.
// SECURITY FOCUS
FBI seizes NetNut proxy platform tied to 2M-device Popa botnet
NetNut is a commercially sold residential proxy service from a NASDAQ-listed company, not a shady underground operation – which means some of those 2M compromised devices are in enterprise networks whose owners bought “legitimate” proxy access without knowing it rode on a botnet. If your threat intel feeds flagged NetNut IPs as benign commercial proxies, that classification needs revisiting now that the domains are seized.
What to do: Pull your firewall and proxy logs for NetNut-associated CIDR ranges this week and check whether any internal hosts were communicating with them.
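One way to carry out that log check, as an added example that is not from the newsletter or from any vendor's tooling: it parses constructed key=value firewall lines and reports which internal hosts talked to suspect ranges, counting denied attempts too since a deny still shows the host tried. The suspect CIDRs are RFC 5737 placeholders because the page lists no NetNut ranges; substitute the ranges from the seizure notice or your threat-intel feed.

```python
import ipaddress
import re
from collections import defaultdict

# Placeholder suspect ranges (RFC 5737 documentation space). The real NetNut-
# associated CIDRs are not on this page; take them from the seizure notice or
# your threat-intel provider and drop them in here.
SUSPECT_CIDRS = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "198.51.100.0/25")]
INTERNAL_CIDRS = [ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample firewall export (key=value style); not real traffic.
SAMPLE_LOG = """\
2026-07-01T09:12:03Z action=allow src=10.20.4.17 dst=203.0.113.45 dport=443 proto=tcp
2026-07-01T09:12:09Z action=allow src=10.20.4.17 dst=142.250.72.14 dport=443 proto=tcp
2026-07-01T09:13:41Z action=deny src=192.168.7.8 dst=198.51.100.200 dport=8080 proto=tcp
2026-07-01T09:14:02Z action=allow src=172.16.9.3 dst=198.51.100.20 dport=80 proto=tcp
garbage line that the parser should skip
2026-07-01T09:15:55Z action=allow src=10.20.4.17 dst=203.0.113.9 dport=443 proto=tcp
"""

KV = re.compile(r"(\w+)=(\S+)")

def in_any(ip, nets):
    return any(ip in net for net in nets)

def parse_line(line):
    """Return (timestamp, src, dst, fields) or None for lines without usable src/dst."""
    fields = dict(KV.findall(line))
    if "src" not in fields or "dst" not in fields:
        return None
    try:
        src, dst = ipaddress.ip_address(fields["src"]), ipaddress.ip_address(fields["dst"])
    except ValueError:
        return None
    return line.split(" ", 1)[0], src, dst, fields

def suspect_contacts(lines):
    """Map each internal host to the connections it made into a suspect range.
    Allowed and denied entries both count: a deny still shows the host tried."""
    hits = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, src, dst, f = parsed
        if in_any(src, INTERNAL_CIDRS) and in_any(dst, SUSPECT_CIDRS):
            hits[str(src)].append((ts, str(dst), f.get("dport"), f.get("action")))
    return dict(hits)

if __name__ == "__main__":
    for host, conns in suspect_contacts(SAMPLE_LOG.splitlines()).items():
        print(host, len(conns), "connection(s) into suspect ranges:", conns)
```

Note that 198.51.100.200 falls outside the /25 placeholder, so the 192.168.7.8 line is correctly not reported; exact prefix lengths matter when the ranges are shared commercial space.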
- Two LLM-assisted kernel patch sets get very different receptions from mm developers — LWN.net · Jul 2
Established mm developers submitting LLM-assisted patches are getting real review; unknown contributors using the same tools are getting noise-filtered. The split tells you more about how the kernel will actually gate AI contributions than any policy statement has.
- Etcd v3.5.32 and v3.6.13 fix a websocket auth bug alongside dependency CVEs — etcd · Jul 1
SIG-etcd released v3.5.32 and v3.6.13, patching dependency CVEs and fixing a websocket auth bug where bearer-prefixed tokens caused authenticated requests to be rejected. Both releases move to Go 1.25.11 and bump go.opentelemetry.io/otel to v1.43.0 to address CVE-2026-29181 and CVE-2026-39883; v3.6.13 also bumps golang.org/x/crypto to v0.52.0. The new write-only-skip-check value for --v2-deprecation is the headline operational change – it lets operators upgrading from v3.5 to v3.6 bypass the startup check that blocks boot when non-membership v2 data remains, buying time before write-only-drop-data becomes the default in v3.7. Exploitability of the patched CVEs in etcd is unknown, but the release notes recommend applying at next maintenance window regardless. v3.4 is now end-of-life and won’t receive further patches.
- Trail of Bits: GPT-5.5-Cyber built a zlib fuzzing lab and found real bugs in one day — Trail of Bits · Jul 2
Trail of Bits pointed GPT-5.5-Cyber at zlib as part of its OpenAI-backed “Patch the Planet” initiative and watched the model autonomously build a full fuzzing campaign in a single day – harnesses across a dozen entrypoints including inflate, inflateBack, uncompress2, MiniZip, puff, and several contrib stream wrappers, plus ASan/UBSan builds, seed corpora repurposed from existing edge-case tests, and compile-time variant builds to reach code hidden in non-default configurations. The model skipped static review on its own judgment, correctly calling it a poor return on tokens for a codebase as reviewed as zlib, then built out the campaign incrementally without hand-holding. Several findings are currently under coordinated disclosure; details drop once patches and a new release land. The operational implication is blunt: setting up a bespoke fuzzing campaign used to require weeks of skilled researcher time, which kept casual attackers out – that barrier is now largely gone. The defensive response Trail of Bits recommends is to run the same tooling first, with strict validity rules that filter agent noise into actionable signal, before a less careful operator does it against you.
- Fedora 45 proposal: enable x86_64 shadow stack by default — Phoronix · Jul 2
Fedora 45 is proposing to enable x86_64 Shadow Stack protection by default, activating hardware-enforced ROP attack mitigation for any process where the binary and all shared library dependencies are built with Shadow Stack support. The groundwork is already mostly done – Fedora has compiled packages with -fcf-protection since 2018, so the majority of binaries already carry the required markup and will gain protection transparently. The one new failure mode to watch for: if a Shadow Stack-enabled process calls dlopen on a non-compliant shared object at runtime, it gets a hard dlopen error rather than silently running unprotected – so third-party or legacy .so files that haven’t been rebuilt could break dynamic loading. Performance cost is reported as negligible. This covers Shadow Stack only; Indirect Branch Tracking (IBT) for full CET coverage is a separate effort planned for a later release.
- Amazon EKS now supports Kubernetes version rollbacks within 7 days of upgrade — AWS News Blog · Jul 1
Amazon EKS now lets you roll back a Kubernetes control plane upgrade within 7 days of completing it – a capability vanilla Kubernetes doesn’t offer at all. The rollback returns the cluster to its actual previous production version, not an emulated state, and supports one minor version at a time (e.g. 1.35 back to 1.34). Pre-rollback cluster insights flag node version mismatches and add-on dependency issues before you proceed; a --force flag skips those checks if you’ve already assessed the situation. For EKS Auto Mode clusters, nodes roll back alongside the control plane while respecting pod disruption budgets, and a cancel API lets you abort midway if the process is taking too long. Control plane rollback took roughly 20 minutes in AWS’s own testing. The feature is available in all commercial EKS regions at no extra charge – you pay only standard EKS and compute costs. For teams managing many clusters in regulated environments who’ve been delaying upgrades out of fear of getting stuck, this removes the main operational blocker.
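To find the unrebuilt third-party .so files the Fedora item above warns about before a dlopen() fails in production, here is an added example (not from the Fedora proposal, Phoronix, or glibc) that reads an ELF64 object's PT_GNU_PROPERTY note and reports whether it is marked for Shadow Stack and IBT. It assumes little-endian x86-64 objects and the GNU property note layout; an object that returns None is the one a shadow-stack-enabled process will refuse to load.

```python
import struct
from pathlib import Path

# Constants from the ELF gABI and the x86-64 psABI.
EM_X86_64, PT_GNU_PROPERTY, NT_GNU_PROPERTY_TYPE_0 = 62, 0x6474E553, 5
GNU_PROPERTY_X86_FEATURE_1_AND = 0xC0000002
X86_FEATURE_1_IBT, X86_FEATURE_1_SHSTK = 0x1, 0x2

def x86_feature_1_from_desc(desc):
    """Walk a .note.gnu.property descriptor (ELF64: 8-byte aligned entries) and
    return the X86_FEATURE_1_AND bitmask, or None when that property is absent."""
    off = 0
    while off + 8 <= len(desc):
        pr_type, pr_size = struct.unpack_from("<II", desc, off)
        off += 8
        if pr_type == GNU_PROPERTY_X86_FEATURE_1_AND and pr_size == 4:
            return struct.unpack_from("<I", desc, off)[0]
        off += (pr_size + 7) & ~7
    return None

def feature_flags(mask):
    """What ld.so will enforce for an object carrying this bitmask."""
    return {"ibt": bool(mask & X86_FEATURE_1_IBT), "shstk": bool(mask & X86_FEATURE_1_SHSTK)}

def notes(blob):
    """Yield (name, type, desc) for each ELF note in a note segment."""
    off = 0
    while off + 12 <= len(blob):
        namesz, descsz, ntype = struct.unpack_from("<III", blob, off)
        name_off, desc_off = off + 12, off + 12 + ((namesz + 3) & ~3)
        yield blob[name_off:name_off + namesz], ntype, blob[desc_off:desc_off + descsz]
        off = desc_off + ((descsz + 3) & ~3)

def shadow_stack_status(path):
    """feature_flags() for an x86-64 ELF64 file, or None when it carries no
    X86_FEATURE_1_AND property: that is the object a shadow-stack process cannot
    dlopen(). Reads the PT_GNU_PROPERTY segment, which is what ld.so consults."""
    data = Path(path).read_bytes()
    if data[:6] != b"\x7fELF\x02\x01" or struct.unpack_from("<H", data, 18)[0] != EM_X86_64:
        raise ValueError(f"{path}: only little-endian x86-64 ELF64 is handled here")
    (e_phoff,) = struct.unpack_from("<Q", data, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x36)
    for i in range(e_phnum):
        p_type, _, p_off, _, _, p_filesz = struct.unpack_from("<IIQQQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_PROPERTY:
            for name, ntype, desc in notes(data[p_off:p_off + p_filesz]):
                if name == b"GNU\0" and ntype == NT_GNU_PROPERTY_TYPE_0:
                    mask = x86_feature_1_from_desc(desc)
                    return None if mask is None else feature_flags(mask)
    return None
```

Run it over the vendor .so directories of a staging host (for example with `for f in /opt/vendor/lib/*.so*; do ...; done`) and anything reporting `shstk: False` or None is a candidate for the dlopen error described above.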
// In other news
ai
- Using DSPy to evaluate and improve Datasette Agent’s SQL system prompts (Simon Willison) · Jul 2 — Simon Willison documents using DSPy to automatically evaluate and improve SQL system prompts for Datasette Agent – a concrete example of prompt optimization with measurable output.
- LLMs are stuck in a groupthink groove. This startup is trying to get them out. (MIT Technology Review AI) · Jul 1 — Research on LLM output clustering shows models systematically favor certain values (e.g., 7 for 1-10 random numbers) – a startup is building diversity-injection techniques to counter this.
- 🔬 The Coolest Diffusion Research Isn’t in LLMs — Evan Feinberg & Sergey Edunov, Genesis Molecular AI (Latent Space) · Jul 1 — Former Meta Llama lead explains why PEARL’s zero-shot protein binding predictions outperformed supervised baselines at OpenBind, and what the accuracy threshold means for practical drug discovery.
- Have your agent record video demos of its work with shot-scraper video (Simon Willison) · Jun 30 — shot-scraper 1.10 adds a ‘video’ command so agents can record screencasts of their browser sessions – useful for debugging and auditing agent behavior without manual observation.
- Autoresearch: The feedback loop behind self-improving agents (Latent Space) · Jul 1 — Introspection’s Roland Gavrilescu details how autoresearch agents run self-improving loops using structured ‘recipes’, with humans checkpointing the process rather than supervising every step.
cloud
- Google’s Continued Disruption of Malicious Residential Proxy Networks (Google Cloud Blog) · Jul 2 — Google, the FBI, and Lumen coordinated to disrupt malicious residential proxy networks used to route abuse traffic through unwitting consumers’ devices.
- Your site, your rules: new AI traffic options for all customers (Cloudflare Blog) · Jul 1 — Cloudflare now lets all customers split AI bot traffic into distinct buckets – search crawlers vs. scrapers vs. agents – and set per-bucket rules instead of a blanket block.
- Content Independence Day, one year on: building the business model for the agentic Internet (Cloudflare Blog) · Jul 1 — Cloudflare’s one-year bot-traffic report quantifies how autonomous AI agents have shifted crawler composition and what that means for publishers pricing access to their content.
- Scaling LLM Inference: Multi-Node KV Cache Offloading with GKE & Managed Lustre (Google Cloud Blog) · Jul 1 — GKE + Managed Lustre used to offload KV cache across nodes during LLM inference, reducing HBM pressure for long-context workloads – concrete architecture with actual config.
- Unmasking the crawls with Attribution Business Insights (Cloudflare Blog) · Jul 1 — Cloudflare’s new Attribution Business Insights dashboard names which AI companies are crawling your site and at what volume, giving operators data to negotiate crawler compensation.
culture
- How Kent Beck shapes the software engineering industry (Pragmatic Engineer) · Jul 1 — Kent Beck on why TDD and XP principles hold up in the AI coding era, and where he thinks trust-building between engineers matters more than throughput metrics.
- Why your AI bill is bigger than it should be (LeadDev) · Jul 1 — Token hygiene – trimming context windows, caching repeated prompts, and right-sizing models per task – is becoming a first-class engineering cost control discipline as AI spend scales.
dev
- Announcing Rust 1.96.1 (Rust Blog) · Jun 30 — Rust 1.96.1 is a point release addressing regressions introduced in 1.96.0 – if you’ve hit unexpected compiler behavior since upgrading, this is the fix.
iac
- How to Test Infrastructure as Code (Pulumi Blog) · Jun 30 — Pulumi’s guide to IaC testing covers unit, integration, and property-based tests with concrete code examples – applies to Pulumi but the taxonomy maps cleanly to Terraform testing patterns too.
- HCP Terraform Powered by Infragraph Limited Availability Launch (HashiCorp Blog) · Jun 30 — HCP Terraform’s Infragraph feature (limited availability) builds a dependency graph across your full cloud estate to surface drift and unmanaged resources in multi-cloud setups.
k8s
- Understanding dynamic resource allocation in Kubernetes (CNCF Blog) · Jul 1 — Kubernetes DRA hit GA in v1.35 and NVIDIA has moved its GPU driver into the new framework – this post explains the actual request/claim model with examples covering GPU sharing scenarios.
- Blog: Announcing Flux 2.9 GA (Flux CD) · Jun 30 — Flux 2.9 GA ships with improvements to OCI artifact handling and controller performance – check the changelog if you’re running Flux in high-throughput reconciliation environments.
- Support for Istio 1.28 has ended (Istio) · Jul 1 — Istio 1.28 is now end-of-life with no further security backports – clusters still on 1.28 need to upgrade to a supported minor version now.
- (re)introducing kpt: Your toolchain for infrastructure automation (CNCF Blog) · Jul 2 — kpt re-emerges as a CNCF-backed Kubernetes config automation tool focused on in-place, Git-native package mutation – worth evaluating if Helm’s templating model frustrates you.
linux
- [$] Secure Boot certificate expiration is here (LWN.net) · Jul 1 — Microsoft’s Secure Boot signing certificate used to verify Linux bootloaders has hit its expiration window – systems with Secure Boot enabled may need action before the deadline.
- KDE Plasma Affected By Arbitrary Code Execution To Break Sandboxes With “Open New Window” (Phoronix) · Jul 2 — An unpatched arbitrary code execution flaw in KDE Plasma lets attackers break out of sandboxes via the ‘Open New Window’ action – no fix available yet, details now public.
- EFS File-System Slated For Removal With Linux 7.3 After 20+ Years Unmaintained (Phoronix) · Jul 2 — The SGI IRIX-era EFS read-only driver is slated for removal in Linux 7.3 after sitting unmaintained for 20+ years – unlikely to affect anyone, but worth knowing before a kernel upgrade breaks an exotic mount.
- Linux Kernel Developers Again Discussing AI Agent Attribution – Potentially Dropping It (Phoronix) · Jul 2 — Linux kernel maintainers are reconsidering the ‘Assisted-by’ AI attribution tag policy, with some arguing it creates noise without meaningful accountability.
- CalyxOS is back (LWN.net) · Jul 2 — CalyxOS, the privacy-focused Android fork that announced shutdown in August 2025, has reversed course and resumed development – useful for anyone who migrated away.
obs
- Datadog acquires Adaptive ML (Datadog Blog) · Jun 30 — Datadog has acquired Adaptive ML, which builds tooling for training and deploying specialized AI models – signals Datadog is moving further into owning the AI model lifecycle, not just observing it.
- Debug and evaluate your AI app from your coding agent with Datadog Agent Observability (Datadog Blog) · Jun 30 — Datadog’s Agent Observability integration lets coding agents query trace data, classify failures, and generate fix suggestions directly inside the agent loop without leaving the IDE.
- Your business applications are at risk: Introducing in-context security findings for Kubernetes (Dynatrace Blog) · Jun 30 — Dynatrace now surfaces security findings in-context with Kubernetes deployment topology, so a CVE maps directly to which running workloads are exposed rather than requiring a separate pivot.
sec
- Cybersecurity Mission Creep in the US (Schneier on Security) · Jul 2 — Schneier covers an SSRN paper documenting how U.S. cybersecurity mandates have expanded far beyond their original scope, with policy implications for teams subject to federal compliance requirements.
- Secure Amazon container workloads using container attribute-based rules in AWS Network Firewall (AWS Security) · Jul 1 — AWS Network Firewall now supports EKS/ECS container attribute-based rules, letting you write firewall policy against pod labels or task metadata instead of IP ranges.
- How to use the AWS Workload Credentials Provider for cross-account secret retrieval and prefetching secrets (AWS Security) · Jul 1 — AWS Workload Credentials Provider now supports cross-account Secrets Manager retrieval and secret prefetching, reducing latency for high-frequency secret reads in multi-account setups.
- Breaking Down the White House’s Actions on Post-Quantum Cryptography Readiness (Wiz Blog) · Jul 2 — The White House executive order mandating PQC migration sets concrete federal timelines – Wiz breaks down which NIST algorithms are required and what agencies must inventory by when.
web
- Merge Proposal: Expanding WordPress Core Abilities (Make WordPress Core) · Jul 2 — WordPress 7.1 proposal adds three read-only Abilities API entries, expanding the permissions framework that shipped in 6.9 – relevant if you’re building plugins that check capability context.
- WordPress 7.0.1 RC1 is now available (Make WordPress Core) · Jul 1 — WordPress 7.0.1 RC1 is available for testing as a bug-fix-only maintenance release – worth running against staging before it hits auto-update.
- Your Laravel routes can carry metadata now, and Flare shows it (Spatie) · Jul 1 — Laravel now supports attaching arbitrary metadata to route definitions, readable at runtime – Flare’s error reporting surfaces this metadata in stack traces, helping correlate errors to specific route contexts.
- Worker Metrics on the WorkerStopping Event in Laravel 13.18 (Laravel News) · Jul 1 — Laravel 13.18 adds worker metrics exposed on the WorkerStopping event, giving queue operators visibility into per-worker stats at shutdown without external instrumentation.
- Laravel AI Tasks: An AI Orchestration Package for Queues, Logging, and Cost Control (Laravel News) · Jul 2 — Laravel AI Tasks packages LLM calls into queue-backed jobs with built-in logging and per-task cost tracking – handles retry logic and token spend reporting out of the box.
Enjoy the long weekend if you’ve got one. Back Monday.