Explore the latest engineering posts and summaries

Search by topic, company, or concept and scan results quickly.

Posts indexed693

Last indexedJun 13, 2026

GitHub EngineeringMay 20, 2026

Investigating unauthorized access to GitHub-owned repositories

Why it matters: This incident highlights the supply chain risks associated with developer tools like IDE extensions. It demonstrates the importance of rapid incident response, secret rotation, and endpoint isolation in mitigating the impact of a compromised internal environment.

GitHub detected a compromise on an employee device caused by a poisoned third-party VS Code extension.
Approximately 3,800 internal repositories were exfiltrated during the security incident.
No evidence suggests that customer-owned enterprises, organizations, or repositories were compromised.
Immediate response included isolating the affected endpoint and removing the malicious extension version.
GitHub rotated critical secrets and high-impact credentials to mitigate further risk.
Ongoing efforts include log analysis, secret rotation validation, and infrastructure monitoring.

#security #sre

Read original

GitHub EngineeringMay 20, 2026

Investigating unauthorized access to GitHub’s internal repositories

Why it matters: This incident highlights the growing threat of supply chain attacks targeting developer tools. It underscores the need for robust endpoint security and rapid secret rotation protocols when internal source code is compromised to prevent lateral movement and further exploitation.

GitHub detected a compromise of an employee device triggered by a poisoned third-party VS Code extension.
The attacker exfiltrated approximately 3,800 internal GitHub repositories during the incident.
No evidence suggests that customer-owned enterprises, organizations, or repositories were directly impacted.
GitHub responded by isolating the affected endpoint and removing the malicious extension version.
Critical secrets were rotated immediately, prioritizing high-impact credentials to mitigate further risk.
The investigation continues with log analysis and infrastructure monitoring for any follow-on activity.

#security

Read original

GitHub EngineeringMay 20, 2026

Investigation update: GitHub Enterprise Server signing key rotation

Why it matters: GitHub is rotating its GHES signing key following a cyber-attack to ensure the integrity of future updates. Engineers managing GHES instances must rotate GPG keys immediately to avoid update failures and maintain a secure, verified supply chain for their enterprise infrastructure.

GitHub is rotating the GitHub Enterprise Server (GHES) signing key following a detected cyber-attack.
The signing key is critical for validating the authenticity of GHES binaries during manual update processes.
Administrators must execute a provided GPG rotation script on all GHES nodes to maintain update compatibility.
The rotation process requires running the script as both the admin user and root to ensure all accounts are updated.
Failure to rotate keys will result in future upgrade failures with 'invalid package' verification errors.
GitHub Enterprise Cloud customers are unaffected and do not need to take any action.

#security #sre

Read original

Airbnb EngineeringMay 19, 2026

Scaling Airbnb’s identity graph with a unified knowledge graph infrastructure

Why it matters: Scaling graph databases for real-time applications is difficult. Airbnb's move to an internal JanusGraph platform demonstrates how to decouple storage from logic to achieve high performance, reliability, and operational control for massive identity resolution workloads.

Airbnb migrated its identity graph from a third-party SaaS to an internally managed platform built on JanusGraph and DynamoDB.
The system manages massive scale with 7 billion nodes and 11 billion edges, processing 5 million new edges daily for real-time identity resolution.
By using JanusGraph with a pluggable DynamoDB backend, Airbnb decoupled the graph logic layer from the storage persistence layer.
Technical optimizations include parallelizing high-fanout queries via the getMultiSlices interface and implementing custom transaction strategies.
The platform provides a unified, multi-tenant infrastructure that replaces fragmented relational, offline, and DIY graph implementations.

#data #dist #security

Read original

Salesforce EngineeringMay 19, 2026

How Salesforce Built an AI Security Agent for Autonomous Threat Triage

Why it matters: Scaling security operations manually is impossible in complex cloud environments. SATA demonstrates how AI agents can automate high-volume triage with 95% accuracy, allowing engineers to focus on critical threats while maintaining trust through confidence scoring and orchestration.

Salesforce developed SATA (Security Alerts Triage Agent) to automate the initial triage of hundreds of daily security alerts.
The agent overcomes data fragmentation by using orchestration workflows to pull context from disparate logs and case-management systems.
SATA improves accuracy by evaluating surrounding context and utilizing multiple agents to review cases from different perspectives.
The system achieved a 95% agreement rate with human analysts during benchmarking against historical security data.
A confidence scoring mechanism ensures high-risk or low-certainty cases are automatically routed to human experts for manual review.

#security #mlp #data

Read original

Cloudflare BlogMay 19, 2026

Announcing Claude Managed Agents on Cloudflare

Why it matters: This integration decouples AI logic from execution, allowing engineers to run Claude agents securely on Cloudflare's infrastructure. It provides granular control over sandboxes, enhanced observability, and the ability to scale via V8 isolates while maintaining private service connectivity.

Cloudflare and Anthropic have integrated Claude Managed Agents with Cloudflare Sandboxes to decouple agent logic from execution infrastructure.
Developers can run the agent loop on Anthropic's platform while using Cloudflare to execute code, secure connections, and manage tool calls.
The integration supports two execution environments: full Linux microVMs for complex tasks and lightweight V8 isolates for high-scale, low-latency execution.
Enhanced security features include customizable proxies for credential injection, data exfiltration prevention, and private service connectivity.
Built-in observability provides detailed sandbox metrics, logs, session recordings for browser-based agents, and interactive SSH access.
A Workers-based control plane manages agent sessions, automatically persisting state across session sleeps and providing a built-in management UI.

#mlp #security #sre

Read original

GitHub EngineeringMay 18, 2026

Take your local GitHub sessions anywhere

Why it matters: This feature decouples long-running AI agent tasks from the local workstation. It allows engineers to maintain oversight and control over complex refactoring or scaffolding jobs while away from their desks, increasing the flexibility and continuity of agentic development workflows.

GitHub Copilot now features remote control for CLI, VS Code, and JetBrains IDE sessions, allowing developers to manage agents from any device.
The '/remote on' command enables real-time session tracking and steering via github.com and the GitHub Mobile app.
Engineers can monitor agent progress, including file reads, code changes, and command execution, in real time from mobile or web interfaces.
Natural language instructions can be sent to running agents remotely to redirect their course or expand the scope of a task mid-flight.
The feature supports a full end-to-end workflow on mobile, from monitoring scaffolding to creating and merging pull requests.
Remote sessions are private by default, ensuring that only the session owner can view or interact with the running Copilot agents.

#mlp #mobile

Read original

Spotify EngineeringMay 18, 2026

Better Experiments with LLM Evals — A funnel, not a fork

Why it matters: LLM evals allow engineering teams to scale qualitative assessment, enabling faster experimentation and more reliable model deployment by replacing or augmenting slow human review with automated, consistent judging.

LLM evals act as automated judges to assess output relevance, coherence, and quality at scale.
The 'funnel' approach uses these evals to filter and refine model candidates before large-scale testing.
Automated evaluation bridges the gap between slow manual reviews and high-level quantitative metrics.
Integrating evals into experimentation frameworks accelerates the development feedback loop.
Consistent automated metrics allow for more objective comparisons between different model versions.

#mlp #data

Read original

Cloudflare BlogMay 18, 2026

Project Glasswing: what Mythos showed us

Why it matters: This marks a shift from AI as a simple scanner to an autonomous security researcher capable of verifying exploits. It highlights the potential for automated defense and an evolving threat landscape where attackers can autonomously chain minor bugs into major system vulnerabilities.

Mythos Preview enables complex exploit chain construction, linking multiple minor vulnerabilities into severe, functional exploits.
The model automates proof generation by writing and executing code in scratch environments to verify exploitability.
Testing showed that memory-unsafe languages like C/C++ generate higher noise and false positives than memory-safe alternatives.
Model refusals are inconsistent; the same security task may be blocked or allowed based on framing or environment.
Effective AI security research requires specialized infrastructure and harnesses rather than generic coding agents.

#security #mlp

Read original

GitHub EngineeringMay 15, 2026

Building a general-purpose accessibility agent—and what we learned in the process

Why it matters: This agent demonstrates how AI can scale accessibility compliance by automating the detection and fix of common WCAG violations. For engineers, it reduces manual review overhead and provides immediate feedback, ensuring more inclusive software reaches production faster.

GitHub is piloting an experimental AI agent to provide real-time accessibility guidance and automated remediation for front-end code.
The agent has reviewed over 3,500 pull requests to date, achieving a 68% resolution rate for identified accessibility issues.
Primary focus areas include WCAG compliance, specifically structural clarity, control naming, status messages, and keyboard focus order.
The tool integrates directly into developer workflows via GitHub Copilot CLI, VS Code, and automated pull request comments.
Success is built on a mature foundation of existing accessibility data, including structured issue templates and verified remediation steps.

#frontend #mlp #culture

Read original

Page 6 of 70

Prev 1...4 5 6 7 8...70 Next