Cluster API v1.12.0 addsin-place updatesandchained upgrades, so machines can swap parts without going down, and clusters can jump versions without drama. KubeadmControlPlaneandMachineDeploymentsnow choose between full rollouts or surgical patching, depending on what changed. The goal: keep clusters .. read more  

Kubernetes is cutting offIngress NGINXin March 2026. No more updates. No bug fixes. No security patches. Done. Roughly half of cloud-native setups still rely on it, but it's been understaffed for years. If you're one of them, it's time to move. There’s no plug-and-play replacement, but the ecosystem.. read more  

Clawdbot just plugged intoDocker Model Runner (DMR). That means you can now run your own OpenAI-compatible assistant, locally, on your hardware. No cloud. No per-token fees. No data leaking into the void!.. read more  

A new quadratic formula now mapscgroup v1 CPU sharestocgroup v2 CPU weight. Why? Because the old linear approach messed with CPU fairness; especially at low share values. This fix nails prioritization where it counts. It lands at theOCI runtime layer, live inrunc v1.3.2andcrun v1.23, so containers f.. read more  

“Frontier Agents” drop straight into incident workflows. They kick off investigations on their own, whether triggered by alarms or a human hand, pulling together logs, metrics, and deployment context fast. Findings show up where they’re needed: Slack threads, tickets, operator dashboards. No shell c.. read more  

Palantir's AIP Agentic Runtime isn't just another agent platform, it's a control plane with teeth. Think tight policy enforcement, ephemeral autoscaling with Kubernetes (Rubix), and memory stitched in from the jump viaOntology. Tool usage? Traced and locked down with provenance-based security. Every.. read more  

Modal unpacked how it keeps a 20,000+ GPU fleet sane across AWS, GCP, Azure, and OCI. Think autoscaling, yes, but with some serious moves behind the curtain. They're running instance benchmarking, enforcing machine image consistency, running boot-time checks, and tracking GPU health both passively a.. read more  

TheModel Context Protocol (MCP) 2025-11-25spec tightens up remote agent auth. It leans intoOAuth 2.1 Authorization Code grants, PKCE required, step-up auth backed. No token passthrough allowed. What’s new: experimental extensions forclient credentialsandclient ID metadata. These smooth out agent reg.. read more  

A dev ditched their $100/month VPS for a clean, automated CoreOS setup. No SSH. No clicking around. JustIgnition,Podman Quadlets, andTerraformdoing the heavy lifting. It boots from YAML, spins up containers with systemd, and keeps itself fresh withPodman auto-updates, zero-touch, straight from the r.. read more  

AI assistants with shell, network, or filesystem "skills" don't just help, they expose. These hooks can run commands before any human checks the model’s output. That means a bigger attack surface. More room for lateral movement. Easier persistence. In setups where tools like Claude Code run often, i.. read more