Tamal Saha

🚨 Breaking: Trivy Docker images are compromised. Tags 0.69.4, 0.69.5, and 0.69.6 contain infostealer IOCs. The latest images were pushed to Docker Hub without corresponding GitHub releases. `latest` currently points to a malicious image. Details: socket.dev/blog/trivy-doc…

I will not be able to attend #KubeCon EU 2026 in Amsterdam, as my flight with Qatar Airways was canceled yesterday. This is a rather sad turn of events but one that is beyond my control.

@atoonk @Border0HQ @Tailscale Congratulations!

Exciting personal update: @Border0HQ has been acquired by @Tailscale 🚀 Proud of what we built and grateful to everyone who supported us along the way. The whole team is joining Tailscale to help build out their PAM offering. Excited for what’s ahead! border0.com/blogs/border0-…

🚨 Breaking: Trivy GitHub Actions supply chain attack – 75 out of 76 version tags compromised. If your CI/CD pipelines reference “aquasecurity/trivy-action” by version tag, you’re likely running malware right now. At Socket, we identified that an attacker force-pushed nearly every version tag in the official aquasecurity/trivy-action repository. That’s @​0.0.1 all the way through @​0.34.2. Over 10,000 GitHub workflow files reference this action. The malicious payload runs silently before the legitimate Trivy scan, so nothing looks broken. Meanwhile it’s: - Dumping runner process memory to extract secrets - Harvesting SSH keys - Exfiltrating AWS, GCP, and Azure credentials - Stealing Kubernetes service account tokens The only unaffected tag right now appears to be @​0.35.0. Socket independently detected this at 19:15 UTC and generated 182 threat feed entries tied to this campaign – all correctly classified as Backdoor, Infostealer, or Reconnaissance malware. This is the second Trivy compromise this month. Earlier in March, attackers injected code into the Aqua Trivy VS Code extension on OpenVSX to abuse local AI coding agents. The compromised tags are still active. Pin to @​0.35.0 or use a SHA reference until this is fully remediated. Full write-up: socket.dev/blog/trivy-und…

.@KubeDB is now a certified operator for Red Hat OpenShift. github.com/redhat-openshi…

@coltmcnealy Congratulations!

LittleHorse Server 1.0 is launched! Check it out on Hacker News: #47432210" target="_blank" rel="nofollow noopener">news.ycombinator.com/item?id=474321…

So, in business, be fair but don't be nice/gracious/generous.

Give someone an inch and they'll take a mile.

Coding agents have made "coding" fun again!

Welp! groups.google.com/g/kubernetes-s…

I guess .@KubeDB is finally an "operator". operatorhub.io/operator/kubed…

Turns out there are 4 different "Operator" indices!

🌟 Go 1.26.1 and 1.25.8 are released! 🔐 Security: Includes security fixes for the standard library (CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142). 🗣 Announcement: groups.google.com/g/golang-annou… ⬇️ Download: #go1.26.1" target="_blank" rel="nofollow noopener">go.dev/dl/#go1.26.1 #golang

Me: Doing a release to clean up CVEs from GO sdk. Go: 🖕

AI coding agents are fun.

"Gartner consulting down 12.8%. Forrester consulting down 16% in Q4, down 9% for the full year. Forrester is exiting strategy consulting entirely — bookings dropped over 50% in 2025."

The reason why RAM has become four times more expensive is that a huge amount of RAM that has not yet been produced was purchased with non-existent money to be installed in GPUs that also have not yet been produced, in order to place them in data centers that have not yet been built, powered by infrastructure that may never appear, to satisfy demand that does not actually exist and to obtain profit that is mathematically impossible.

Starlink on Qatar Airways

So, the photocopier works I guess.

So, you are not an operator unless operatorhub.io says so. WTF!