nurdsoft

We're #hiring a new Senior Golang Developer in Colombia. Apply today or share this post with your network.

Checking back on last week's updates on software & security! ✨ Cloudflare Report Highlights Go's Popularity and AWS's Web Dominance Cloudflare's 2024 Radar report reveals Go has overtaken Node.js as the most used language for API clients, reflecting its suitability for concurrent programming and API development. Meanwhile, AWS leads public web hosting among the top 5000 domains, accounting for 62.3% of usage. The report also explores web frameworks, with PHP dominating programming languages due to WordPress, while React and Next.js lead in JavaScript frameworks. Variations between Cloudflare's and Wappalyzer's data underscore differing trends among high-traffic domains and general usage. 🐘 Aurora DSQL Balances PostgreSQL Compatibility with Distributed Architecture Amazon's Aurora DSQL, previewed at re:Invent 2024, claims PostgreSQL compatibility but lacks key features like foreign keys, views, triggers, and extensions due to its distributed architecture. The database uses microservices for components like query processing and journaling, enabling scalability and resilience but requiring asynchronous operations and new APIs. AWS plans to gradually introduce missing features while emphasizing benefits like elasticity, seamless updates, and serverless operations. Despite the limitations, Aurora DSQL has shown promise in porting PostgreSQL-based applications with minimal effort.    ⚠️ 390,000 WordPress Credentials Stolen in Supply Chain Attack Targeting Hackers Threat actor MUT-1244 executed a year-long supply chain attack, stealing over 390,000 WordPress credentials, SSH private keys, and AWS access tokens. The campaign exploited trust by using trojanized GitHub repositories and phishing emails to infect systems, including those of security researchers and threat actors. The attackers deployed malware via fake proof-of-concept exploits, malicious npm packages, and phishing schemes, exfiltrating stolen data to file-sharing platforms. Despite exposure, the campaign continues to compromise systems, highlighting significant risks within the cybersecurity community. 🤖 GitLab Integrates AI Agents to Streamline Non-Coding DevOps Tasks GitLab has introduced AI agents into its DevOps platform to automate non-coding tasks like documentation, unit test creation, security reviews, compliance checks, and Java code modernization. Integrated with AWS's Amazon Q, these agents provide a seamless experience within GitLab's UI, enabling a 360-degree software development life cycle. Developers can focus on solving business problems while AI agents handle mundane tasks, reducing time-intensive processes from weeks to hours. Current capabilities include upgrading Java codebases and improving team collaboration by detecting issues and notifying relevant team members. #golang #aws #wordpress #postgres

We're #hiring a new Automation Engineer - Cloud Infrastructure and DevOps Automation in Colombia. Apply today or share this post with your network.

We're #hiring a new Senior Golang Developer in Colombia. Apply today or share this post with your network.

We bring you this week's hot tech updates from the world of software & AI, give them a read until Santa is getting ready to ship our gifts! 🌐 𝗔𝗪𝗦 𝗟𝗮𝘂𝗻𝗰𝗵𝗲𝘀 𝗣𝗵𝘆𝘀𝗶𝗰𝗮𝗹 𝗗𝗮𝘁𝗮 𝗧𝗿𝗮𝗻𝘀𝗳𝗲𝗿 𝗧𝗲𝗿𝗺𝗶𝗻𝗮𝗹𝘀 𝗳𝗼𝗿 𝗙𝗮𝘀𝘁 𝗨𝗽𝗹𝗼𝗮𝗱𝘀 Amazon Web Services (AWS) has introduced Data Transfer Terminals, physical locations where customers can upload data to the AWS cloud using high-speed connections (up to 400Gbps). Customers can reserve a time slot through the AWS console, visit the terminals in New York and Los Angeles, and upload data securely. The service charges are based on port usage, with fees of $300 per hour for U.S. to U.S. transfers and $500 for U.S. to EU uploads. Additional terminals are expected to be added in the future. ☕️ 𝗢𝗿𝗮𝗰𝗹𝗲 𝗝𝗮𝘃𝗮 𝗣𝗿𝗶𝗰𝗲 𝗛𝗶𝗸𝗲𝘀 𝗣𝗿𝗼𝗺𝗽𝘁 𝗖𝗜𝗢𝘀 𝘁𝗼 𝗖𝗼𝗻𝘀𝗶𝗱𝗲𝗿 𝗢𝗽𝗲𝗻 𝗦𝗼𝘂𝗿𝗰𝗲 𝗔𝗹𝘁𝗲𝗿𝗻𝗮𝘁𝗶𝘃𝗲𝘀 Oracle's decision to switch its Java pricing model to a per-employee basis has caused significant price hikes, pushing CIOs to explore alternative solutions. Since the change in 2023, many organizations have faced price increases of two to five times their previous costs. Software asset management expert Martin Thompson suggests that switching to open-source alternatives can cut costs by up to 50%. The decision to move away from Oracle requires a top-level IT management decision due to the critical nature of Java in backend applications. Many companies are already considering alternatives, with a recent survey by Azul indicating that only 14% plan to remain with Oracle. 🛜 𝗚𝗼𝗼𝗴𝗹𝗲 𝗖𝗵𝗿𝗼𝗺𝗲 𝗜𝗻𝘁𝗿𝗼𝗱𝘂𝗰𝗲𝘀 𝗔𝗜-𝗣𝗼𝘄𝗲𝗿𝗲𝗱 𝗪𝗲𝗯𝘀𝗶𝘁𝗲 𝗧𝗿𝘂𝘀𝘁 𝗥𝗲𝘃𝗶𝗲𝘄𝘀 Google Chrome is launching an AI feature called "Store reviews" that provides quick summaries of a website's trustworthiness based on reviews from independent platforms like Trust Pilot and ScamAdvisor. The feature is accessed by clicking the lock or "i" icon in the address bar, offering an AI-generated overview of a site’s reputation. This addition enhances Chrome's AI-driven protection, including real-time safeguards against dangerous sites and downloads. The update is part of Google's broader push to integrate more AI tools into Chrome. 🎭 𝗥𝗲𝗱𝗶𝘀 𝗜𝗻𝗰 𝗕𝗮𝗰𝗸𝘀 𝗗𝗼𝘄𝗻 𝗳𝗿𝗼𝗺 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 𝗢𝘃𝗲𝗿 𝗥𝘂𝘀𝘁 𝗖𝗹𝗶𝗲𝗻𝘁 𝗔𝗺𝗶𝗱 𝗧𝗿𝗮𝗱𝗲𝗺𝗮𝗿𝗸 𝗗𝗲𝗯𝗮𝘁𝗲 Redis Inc sought control or renaming of the popular Rust redis-rs client, citing trademark concerns and a desire for enterprise-grade features. The move sparked community backlash, with fears of ecosystem fragmentation and potential conflicts with Redis-compatible alternatives like Valkey. Amid criticism, Redis Inc has since clarified its intent and agreed to collaborate, allowing redis-rs to retain its name. The situation highlights tensions between open-source communities and corporate interests. #aws #java #redis #ai

Nurdsoft delivers maintainable and scalable software solutions. Have a sneak peek into how Nurdsoft can help you and hire a Nurd just right for you! 👉🏼 https://lnkd.in/gzbZ5PgC #engineering #talent #cloud #productdevelopment

We bring you another week of news capturing the world of programming & security! 🐘 PHP 8.4 Released with New Features and Performance Improvements PHP 8.4, the latest major release of the scripting language, introduces several enhancements: - Key Features: Property hooks, lazy objects, asymmetric visibility, an object API for BCMath, and new array functions. - Performance: A new JIT implementation using the IR Framework and various optimizations. 🐧 New Linux Kernel Patch Enables Forcing CPU Bug Mitigations for Debugging and Research A new Linux kernel patch by Google engineer Brendan Jackman introduces the force_cpu_bug= boot parameter, allowing users to apply CPU vulnerability mitigations, like Spectre and Meltdown, even on systems not known to be affected. This feature aids kernel debugging, security research, and testing mitigation impacts by simulating vulnerable CPUs, providing a quick workaround for unconfirmed vulnerabilities. The patch is currently under review for inclusion in the Linux kernel. 🐧 Critical Security Bugs in Linux’s needrestart Utility Pose Root Access Threats Five critical vulnerabilities in Linux's needrestart utility, used to detect necessary system reboots after updates, were discovered by Qualys. These flaws in versions before 3.8 allow local attackers to manipulate environment variables or exploit race conditions to gain root access. Vulnerabilities impact Python, Ruby, and Perl interpreters, exposing millions of Ubuntu Server installations where needrestart is a default package. While attackers require local access, risks include system compromise, data breaches, and operational disruption. Admins are urged to upgrade to version 3.8+ or mitigate by disabling the utility's interpreter heuristic. 🦀 Community Initiative to Verify the Rust Standard Library for Safety The Rust community has launched a collaborative effort to formally verify the safety of Rust's standard libraries, which rely on unsafe operations for performance and functionality. This initiative addresses challenges like the lack of specifications, scalable verification mechanisms, and the increasing prevalence of soundness issues in core libraries. The effort is organized as challenge-based contests with financial rewards, encouraging contributors to verify memory safety and eliminate undefined behaviors in functions. Tools like Kani, Prusti, and Verus emphasize a tool-agnostic approach for continuous integration. Community participation is invited via GitHub for reviews, proofs, and tool enhancements. #linux #php #aws #rust

We're #hiring a new Senior Golang Engineer- Latin America in Colombia. Apply today or share this post with your network.

We're #hiring a new Lead DevOps Engineer- Latin America in Peru. Apply today or share this post with your network.

We're #hiring a new Senior Quality Assurance Test Engineer in India. Apply today or share this post with your network.