CatOps
DevOps and other issues by Yurii Rochniak (@grem1in) - SRE @ Preply && Maksym Vlasov (@MaxymVlasov) - Engineer @ Star. Opinions are our own.

We do not post ads including event announcements. Please, do not bother us with such requests!
For today’s Donations Monday, I would like to remind you about a smaller fundraiser that I posted several weeks ago. It’s moving, but rather slowly. So, let’s boost it!

A fundraiser for radio-electronic equipment for the 25th Brigade.

Monobank jar:

https://send.monobank.ua/jar/5cXWfFMLHR

The fundraiser is 60% complete.

#donations #Ukraine
Apparently, the Dutch Central Bank is opting for the Lidl cloud instead of a US solution as their cloud provider.

Right now, digital sovereignty may sound like loud promises, but this is one of the main issues the European tech sector will have to solve in the near future.

P.S. It’s also a bit funny that a grocery store is competing with a book store in cloud computing.

#cloud #lidl
If you're hosting GitHub Enterprise Server, you need to update to address a recently discovered CVE.

What's interesting about this CVE is that it is a legit CVE that was discovered with AI. As Wiz researchers put it in the related article:

"Notably, this is one of the first critical vulnerabilities discovered in closed-source binaries using AI, highlighting a shift in how these flaws are identified."

Security notice from GitHub.

Fixed versions:

- GitHub Enterprise Server 3.14.25 or later
- GitHub Enterprise Server 3.15.20 or later
- GitHub Enterprise Server 3.16.16 or later
- GitHub Enterprise Server 3.17.13 or later
- GitHub Enterprise Server 3.18.7 or later
- GitHub Enterprise Server 3.19.4 or later
- GitHub Enterprise Server 3.20.0 or later

P.S. This news came from our chat (in Ukrainian).

#security #github
An interesting application for eBPF: patching your Kubernetes nodes against CopyFail (see the previous post) with a DaemonSet. It is supposed to work even if the algif_aead module is built into the kernel.

https://github.com/iwanhae/copyfail-ebpf-k8s

#security
My friends started a helper jar for two pickup trucks for AFU.

More info: https://www.instagram.com/p/DXpgaaWgH00

Monobank jar: https://send.monobank.ua/jar/3U1hBa5WPp

#donations #Ukraine
Figma has replaced PGBouncer with their own implementation called PGKeeper written in Go as a connection pooler for Postgres.

I really enjoyed this article, because they go into the implementation depths and describe why certain decisions were taken. Unfortunately, it doesn't always happen in such articles. Also, this is a nice reminder that software engineering is not only about writing CRUDs.

Unfortunately, they do not plan to open source it for now, also because it's too tightly coupled with libraries and approaches Figma uses internally. To be honest, it makes sense for in-house software to aim at one's specific needs rather than being generic enough to be open sourced.

#databases #postgres
You may have heard already that Mitchell Hashimoto plans to move Ghostty away from GitHub.

It could be that you plan such a move yourself for whatever reason, but you're not sure yet. Here's a guide on how to push changes to GitHub and Codeberg simultaneously, so you could still keep the door open.

Codeberg is a non-profit European Git hosting service, although this guide should work for any provider as long as you can use SSH keys for auth.

#programming #github
Remember copy.fail, which we were all checking a week ago?
Here is a continuation - another Linux 0-day to root.
https://github.com/V4bel/dirtyfrag

Btw, I can recommend checking out https://t.me/setenforce_1 - a channel fully dedicated to security, or better said, to vulns that will have a real effect on you. No bullshit about "10 common vulns" which you can check on OWASP etc. Love it.

#security #linux
For today’s Donations Monday, I would like to remind you about one of the smaller fundraisers from the recent digest.

- Radio-electronic equipment for the 25th Brigade.

It’s more than 80% complete, and I’m sure that with your help, we can close it this week.

#donations #Ukraine
Enabling horizontal autoscaling with co-operative distributed rate limiting is an old article from Monzo that describes how they built their internal distributed rate limiting solution.

The interesting part is the reasoning about whether a system works in an adversarial environment (public facing) or not (internal system). The main question here: can you trust a client? The answer to this question influences the design a lot!

#system_design