Researcher Alex Shakhov found scammers commandeering staleCNAMErecords. They hijack university subdomains (eg.berkeley.edu,columbia.edu,washu.edu) and serve p0rn and scam pages. Shakhov found hundreds of abused subdomains across at least34universities. He counted thousands of hijacked pages indexed .. read more  

A React Native app built withExpo SDK 54runsHermes. It talks to a WordPress REST backend and bundles a 5.5MB Hermes bytecode.Its WebView injects JavaScript to strip cookies, GDPR prompts, and paywall dialogs. The build includes OneSignal's fused-location pipeline, polling at 4.5 and 9.5 minutes and.. read more  

A Galera writer node froze afterInnoDBundo history ballooned. PooledAWS Lambdaconnections left transactions open and pinned MVCC read views. The team killed stalled sessions, enabledinnodb_undo_log_truncate, and cappedinnodb_max_undo_log_size. They also set sessiontransaction_isolation=READ-COMMITTE.. read more  

PostgreSQL's MVCC stores two 32-bit XIDs per tuple -xminandxmax. The transaction snapshot decides visibility per tuple. Updates append new tuples and mark the old withxmax.VACUUMreclaims versions only when no active snapshot can see them. Long-runningREPEATABLE READsnapshots pin versions and cause b.. read more  

A phone captures audio and runs aFast Fourier Transform (FFT)on short windows. It builds aspectrogramand extractspeaks. Nearby peak pairs form compacthashes(two frequencies + time delta). Aninverted indexmaps those hashes to songs, and timing validates matches. Most services run lookups onserversaga.. read more  

The author left JVM monolith ops forKubernetes. They stacked certs:CKA,CKAD,CKS,KCNA,KCSA,CNCF Golden Kubestronaut. They treatPodsas the atomic deployable. They pick fights:IngressvsNodePort. They warn aboutConfigMapdrift. They spotlight runtime primitives:Horizontal Pod Autoscalerandservice meshfor.. read more  

Airbnb built a metrics system that ingests50M samples/s, stores2.5PBof logical time series, and hosts1.3B active series. They use tenant-per-service grouping andshuffle sharding. They enforce per-tenant guardrails and a consolidatedcontrol plane. They shard queries and compaction. They run zone-awar.. read more  

Docker Sandboxes puts each agent session in a dedicatedmicroVM. Each microVM runs a privateDocker daemoninside the VM boundary. That blocks access to the host. A new cross‑platformVMMruns on macOS, Windows, and Linux hypervisors. It slashes cold starts and runs fullDockerbuild, run, and compose work.. read more  

AI modelslet non-experts craft real and fake vulnerabilities at scale. They spit out low-quality noise and the occasional high-value report. Reports floodOSS maintainers. Triage, patching, release cadences, and downstreamupgrade/compliancepipelines buckle under the load. Guidance recommends publishi.. read more  

Kubernetesv1.36promotesUser Namespacesto GA on Linux. It brings rootless workload isolation. Kubelet leans on kernelID-mapped mounts. It sidesteps expensivechownby remappingUID/GIDat mount time and confines privileged processes. No more mass-chown screams... read more