Skip to main content

Posts

Ornith Models Automate Agentic Coding With Self-Scaffolding

Ornith, a new family of open source LLM models from the DeepReinforce research collective, takes a novel approach to executing coding and debugging tasks: It generates an architectural framework to give the user’s harness a structured instruction set – a scaffold – to create an agent to complete the job. Available in a set of four variants, the Ornith family was trained to work comfortably with complex software repositories undertaking complicated long-horizon jobs. Sure, LLMs can do these tasks now – until the job gets too complex. Ornith’s self-generated scaffolding ensures that it doesn’t forget the plot along the way. “The model continuously improves not only its code generation abilities but also the orchestration strategy used to solve software engineering problems,” wrote AI tutorial engineer Mehul Gupta, in an introductory post . Deep Reinforcement Expansion Pack Ornith reads the user’s instruction, but instead of executing it directly it builds a scaffold, a learnable ob...
Recent posts

Anthropic Adds Enterprise Gateway to Simplify Claude Code Access on AWS and Google Cloud

Anthropic introduced a self-hosted gateway this week that lets enterprises run Claude Code on Amazon Bedrock and Google Cloud without the credential sprawl and manual setup that have typically come with deploying AI coding tools at scale. The Claude apps gateway is a single, stateless container that organizations deploy on their own infrastructure and back with a PostgreSQL database. It centralizes identity, policy enforcement, usage tracking, and spend management for Claude Code, addressing a problem that will sound familiar to anyone who has tried to roll out a developer tool across a large engineering org: Every new hire needs a cloud credential, every laptop needs the right settings pushed to it, and finance needs a way to see who’s spending what. Before the gateway, none of that was centralized. IT teams provisioned a credential per developer, manually distributed configuration, and stitched together separate tooling just to get visibility into spend. That’s a lot of ...

Building a Simple Event-Driven Application with Datadog Workflows

Back in October 2022, I wrote a short blog post explaining how I automated our Datadog Marketplace sales cycle using a few AWS services and my first-ever Golang program. That basic, event-driven system saved our sales team several hours a week by replacing a manual process with something far more efficient. Even though the original setup worked well and ran reliably for a couple of years, it still required ongoing maintenance — such as upgrading Go versions, fixing minor issues from those upgrades and updating the HubSpot SDK I built when their APIs changed. It wasn’t broken, but it was becoming a bit of a time sink. With Datadog Workflows becoming more robust and available, I figured it was time for a refresh. Why not see what it could do? Breaking Down the Old Flow The original flow followed a pretty typical event-driven architecture pattern: Event producers, a router and a consumer. Producer: The customer’s Datadog instance, which triggered an event when a trial started. Email ...

Attackers Exploit SimpleHelp Flaw to Steal Info from AI Coding Assistants, Clouds

Threat actors are exploiting a known security flaw in the SimpleHelp remote monitoring and management (RMM) software to drop two previously unknown pieces of malware that can compromise a broad range of systems and steal massive amounts of sensitive data. Researchers with Blackpoint Cyber’s Adversary Pursuit Group said they detected an intrusion in which the adversaries abused a critical authentication bypass vulnerability — tracked as CVE-2026-48558 — to obtain an authenticated technician session without valid credentials on an internet-facing SimpleHelp server. “The compromised RMM platform provided the operator with a trusted administrative channel capable of transferring files and executing commands on systems managed through the server,” Nevan Beal, principal managed detection and response (MDR) analyst with Blackpoint, and Sam Decker, threat intelligence engineer, wrote in a report . The bad actors followed that by deploying TaskWeaver, a modular and highly obfuscated Node.js...

Configuration Drift in a Multi-Cloud World

Configuration drift is the gap between the infrastructure state declared in code and the state actually running in your environment. It occurs when resources are changed outside of your infrastructure as code (IaC) workflow, so the live system no longer matches its definition. In a single cloud, drift is usually straightforward to find and correct. Across multiple providers, it is harder to detect and more costly to leave unaddressed. Why Does Multicloud Make Drift Worse? Each provider has its own API, resource model, console, and defaults. A change made directly in one cloud does not resemble the equivalent change in another, so the signals used to detect drift differ in each environment. There is often no single source of truth that covers all providers, and tagging conventions and naming standards vary between accounts. As a result, the number of places where an undeclared change can go unnoticed increases with each cloud you add. The practical effect is that the documented stat...

Ten Great DevOps Job Opportunities

DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these challenging economic times is to make it just that much easier for DevOps professionals to advance their careers. Of course, the pool of available DevOps talent is still relatively constrained, so when one DevOps professional takes on a new role, it tends to create opportunities for others. The ten job postings shared this week are selected based on the company looking to hire, the vertical industry segment and naturally, the pay scale being offered. We’re also committed to providing additional insights into the state of the DevOps job market. In the meantime, for your consideration. Greenhouse HERE New York, NY Government DevOps Engineer – USA $145,000 to $185,000 Rocket Lab Littleton, CO DevOps Engineer II/Senior $115,000 to $170,000 Mixpanel Remote, US Software ...

From Phishing to Vishing: Why DevSecOps Must Rethink Communication Security

Key Takeaways: Vishing is the new frontline threat: Attackers are shifting from emails to phone-based scams, using AI and social engineering to bypass traditional security controls. DevSecOps must expand its scope: Securing code is no longer enough; communication channels like voice, chat, and messaging must be integrated into threat models and security pipelines. Human and technical defenses must work together: Strong architecture (encryption, authentication, Zero Trust) combined with employee awareness and verification practices is key to stopping modern social engineering attacks. As cybercriminals shift from email to phone lines, security professionals need to expand their scope. As a result, voice phishing or “vishing”, which involves social engineering through telephones or VOIP, is becoming increasingly common alongside traditional email phishing. Recent statistics indicate an exponential rise in vishing cases, which cost people over $1.2 billion in 2023. In this day and ...