Sr. Content Developer at Microsoft, working remotely in PA, TechBash conference organizer, former Microsoft MVP, Husband, Dad and Geek.

349: Gmail Finally Lets You Ditch xXDragonSlayer2004Xx


Welcome to episode 349 of The Cloud Pod, where the weather is always cloudy! Justin and Jonathan managed to make it into the studio this week, and they brought a guest! Dave Garaway has joined us, and brought some on-the-ground knowledge from GTC, plus a slew of supply chain attacks, Gmail username changes and Claude’s code debacle. We’ve got all this and more – so let’s get started!

Titles we almost went with this week

  • AWS Console Gets a Makeover Nobody Asked For
  • From Eight Hours to 22 Seconds, Hackers Got Fast
  • AWS Spring Cleaning Hits Nine Services Hard
  • Trivy Pursuit Turns Into a 500K Credential Heist
  • Skip the Consultant, AWS Security Now Hacks Itself
  • AWS Pen Testing Agent Pokes Your Cloud Around the Clock
  • Your Cringey Gmail Address Gets a Second Chance
  • Stop Babysitting Servers, Let Google Handle MCP
  • AI Agent Untangles Your Kubernetes Networking Spaghetti
  • One Bad Actor Poisons a Hundred Million Downloads
  • Lambda Finally Hits the Gym with 32 GB
  • From GPU Hype to Production Inference Without the Hyperscaler Headache

Follow Up

01:28 Hegseth, Trump had no authority to order Anthropic to be blacklisted, judge says

  • A US District Judge granted Anthropic a preliminary injunction blocking the Department of War’s blacklisting, ruling the designation was First Amendment retaliation rather than a legitimate national security action.
  • The court found officials lacked authority to blacklist Anthropic without considering less restrictive alternatives or providing evidence of an urgent security risk, noting the designation was triggered by Anthropic’s “hostile manner through the press.”
  • The practical business impact was already substantial before the ruling, with three trade deals cancelled and other potential partners delaying negotiations, representing potentially billions in lost contracts over five years.
  • Anthropic continues to balance the legal fight with maintaining its government relationships, publicly emphasizing alignment with the Department of War’s mission around safe AI deployment even while litigating against it.
  • For cloud and AI vendors, this case establishes a notable precedent around government procurement decisions and First Amendment protections, with implications for how companies publicly challenge federal contracting positions.

02:35 Jonathan – “I’m guessing Anthropic is super busy with all the people coming to them for deals right now, because it seems to me that Anthropic is getting all the business customers and OpenAI are getting the personal customers.”  

04:08 Delve Announces Changes and New Customer Support Measures 

  • Delve has responded to allegations from an anonymous Substack post by denying claims of faked evidence, clarifying that independent AICPA-accredited auditors, not Delve, issue SOC 2 reports and ISO 27001 certifications. 
  • The company published a formal rebuttal and is now rolling out operational changes to address customer concerns.
  • To support customers facing questions from their own clients and procurement teams, Delve is offering complimentary re-audits through independent auditors, complimentary grey-box penetration tests, and formal engagement letters from auditors, all at no cost.
  • On the transparency side, Delve is moving auditor communications directly into customer Slack channels or shared email threads, so customers have full visibility into the audit process rather than relying on Delve as an intermediary.
  • The platform is also adding clearer disclosures to templates and forms to explicitly identify them as guidance tools aligned to industry standards, addressing a core point of confusion raised in the controversy.
  • For cloud practitioners, this situation highlights the importance of understanding the distinction between compliance automation platforms and the independent auditors who issue attestations, a boundary that procurement teams are increasingly scrutinizing when evaluating vendor security posture.

06:12 Justin – “I think the reality is that, and we talked about this last week, is that SOC 2 audits are very heavily templatized. That’s how these companies make them, and they work them. They do need to be edited, reviewed, and approved, and the right things need to be done, but they can’t always start as a template. A template’s not the problem. It’s what appears to be the automation and then the rubber-stamping by these auditors.”

06:39 Delve – Fake Compliance as a Service – Part II – Day 1 of 5

  • This article covers allegations against Delve, a compliance automation startup, and represents a follow-up to earlier reporting. It does not directly relate to cloud platform news typically covered on The Cloud Pod, but here are the relevant talking points for context.
  • A whistleblower from Delve provided internal screenshots and recordings after the initial article, including conversations suggesting the company’s auditing partner, Accorp, may not conduct thorough evidence reviews before issuing SOC 2 reports.
  • Internal communications indicate Delve built an automated report generation tool, which contradicts the company’s public claim that it does not generate compliance reports on behalf of clients.
  • Leaked internal notes from Karun Kaushik, dated November 2024, acknowledge that Delve’s platform had not released any new compliance frameworks since January 2025, a period that overlaps with the company’s Series A fundraise, raising questions about the accuracy of investor materials.
  • Delve has transitioned clients to a new auditing firm called Ezzy and Associates, telling clients they will not need to restart SOC 2 Type 2 observation periods despite the auditor change, which compliance professionals would generally consider irregular, given the reported evidence quality concerns.
  • For cloud practitioners, this situation is a reminder that compliance automation tools require scrutiny of both the underlying audit processes and the third-party auditors involved, as the validity of certifications like SOC 2 depends on the rigor of evidence collection and review.

06:57 Justin – “It’s just getting worse. I don’t know that Delve actually survives this.” 

General News 

08:17 NVIDIA GTC 2026 Recap: Tokens & Inference

  • Jensen Huang reframed how AI infrastructure ROI should be measured, shifting from raw compute specs to tokens per watt and token speed at a fixed power budget. 
  • Vera Rubin is projected to deliver approximately 5x more revenue potential per gigawatt compared to Blackwell, which has direct implications for how cloud operators and enterprises evaluate hardware investments.
  • The Vera Rubin platform integrates the acquired Groq 3 LPX chip alongside the Rubin GPU, with NVIDIA’s Dynamo software splitting inference workloads between the two chips. This heterogeneous approach delivers 35x more throughput per megawatt for latency-sensitive workloads compared to running Vera Rubin GPUs alone.
  • NVIDIA introduced OpenClaw, an open-source agentic AI framework, alongside an enterprise-hardened version called NeMo Claw that adds policy enforcement, network guardrails, and a privacy router to prevent data exfiltration. The security layer addresses a real concern for organizations deploying agents with access to internal infrastructure.
  • NVIDIA released six domain-specific open model families, including Nemotron for language tasks, BioNeMo for drug discovery, Cosmos for robotics simulation, and Earth2 for climate forecasting, positioning these as the foundation for sovereign AI deployments where organizations want to avoid dependence on a small number of external model providers.
  • The DSX digital twin platform uses Omniverse to simulate thermal, electrical, and network conditions before a data center is physically built, with NVIDIA estimating roughly a factor of two in recoverable efficiency across a typical AI factory deployment through better design and live operational optimization.

09:51 Dave – “Being in technology, that is a great place to go to put your finger on the pulse of where things are.” 

27:28 GTC 2026 Confirmed It: The Inference Era Is Here 

  • DigitalOcean is positioning itself specifically around production inference workloads, announcing a new Richmond data center built with NVIDIA HGX B300 systems and a 400 Gbps non-blocking RDMA fabric designed for reasoning and agentic use cases.
  • The company is bringing NVIDIA Dynamo 1.0 to its Kubernetes offering and expanding model access for reasoning, long-context, multimodal, and agentic workloads, which addresses the operational complexity developers face when moving AI from experimentation into production.
  • DigitalOcean reported over 43,000 OpenClaw deployments since launch, suggesting meaningful developer adoption for always-on assistant and agentic application use cases on their platform.
  • The broader industry signal from NVIDIA GTC 2026 is that cost per token, time to first token, and uptime are becoming as important as model quality, shifting infrastructure conversations from raw compute to full-system optimization, including CPUs alongside accelerators.
  • For smaller AI builders and startups, DigitalOcean’s focus on reducing setup friction through tools like 1-Click Droplets for NemoClaw and direct deployment from build.nvidia.com to Serverless Inference represents a practical alternative to hyperscaler complexity for running agents at scale.

27:42 Dave – “They are talking about a bubble – the people I’ve been talking to – but one of the neoclouds I was talking about said, ‘when we get to the point when we don’t have the need, we’re going to start powering the neighborhoods for free, so we’re just going to start giving out power for free’ so hopefully the good neighbor will extend out there.” 

28:12 You can finally change the goofy Gmail address you chose years ago

  • Gmail turns 22 years old on April 1, and Google is marking the occasion by finally allowing US-based users to change their Gmail username without creating an entirely new account, addressing a long-standing limitation of the platform.
  • The change is limited to once every 12 months per account, which Google has not formally explained but likely serves as a spam mitigation measure to prevent abuse of the feature.
  • For cloud and IT professionals managing Google Workspace environments, this raises practical questions around identity management, email routing, and how username changes interact with existing integrations and third-party services tied to a Gmail address.
  • The feature is rolling out gradually in the US, so not all accounts will see the option immediately, and it remains to be seen when international users outside the initial test group will get access. You can check here to see if the feature is available to you. 
  • This highlights a broader tension in long-lived identity platforms where usernames chosen decades ago become liabilities, and how platforms balance user flexibility with the operational complexity of allowing address changes at scale.

30:00 TeamPCP Attack

  • On March 19, threat actor group TeamPCP compromised Trivy, a widely used open-source vulnerability scanner from Aqua Security, by injecting credential-stealing malware into 75 GitHub Action tags, Docker images, and CI/CD pipelines, turning the security tool itself into the attack vector.
  • The malware collected SSH keys, cloud credentials, Kubernetes secrets, and environment files from affected systems, with attackers then using those stolen credentials to pivot into LiteLLM, a Python framework for AI model API management, pushing two malicious versions to PyPI that executed automatically on Python process startup.
  • The LiteLLM compromise reportedly yielded approximately 500,000 stolen credentials, and the attackers deployed privileged pods across Kubernetes clusters and installed persistent backdoors on nodes, demonstrating how a single supply chain entry point can cascade across entire production environments.
  • This attack illustrates a notable pattern in modern supply chain compromises where each set of stolen credentials unlocks the next target, moving from CI/CD pipelines to public package repositories to production infrastructure in a deliberate escalation chain.
  • Organizations relying on open-source security tooling in automated pipelines should audit recent Trivy and LiteLLM usage, check for the specific compromised versions noted, and review whether any credentials or secrets were exposed in affected environments.

Cont’d Update: Ongoing Investigation and Continued Remediation

  • The Trivy supply chain attack began in late February 2026 when attackers exploited a GitHub Actions misconfiguration to extract a privileged access token, then used residual credentials after an incomplete rotation to publish malicious artifacts on March 19, affecting version 0.69.4 and 76 of 77 trivy-action version tags.
  • The attack’s most notable technique was force-pushing existing version tags to point at malicious commits, meaning CI/CD pipelines referencing those tags continued running without any visible indication of change, while the payload silently exfiltrated cloud credentials, SSH keys, Kubernetes tokens, and other secrets before legitimate scanning logic executed.
  • Any organization that ran affected versions during the compromise window should treat all secrets accessible to those pipeline environments as exposed and rotate them immediately, including cloud provider credentials, container registry tokens, Git credentials, and NPM publish tokens, which researchers confirmed are being actively weaponized across the NPM ecosystem.
  • The core hardening lesson from this incident is to pin GitHub Actions to full immutable commit SHA hashes rather than mutable version tags, since version tags can be silently redirected to malicious code without any workflow changes on the consumer side.
  • Aqua’s commercial platform was isolated from the compromise because it uses a separate build system with no shared GitHub infrastructure, CI/CD pipelines, or signing systems, and its controlled integration process meant the malicious release was never incorporated into commercial products.
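The SHA-pinning lesson above can be checked mechanically. The following is an added example, not code from Aqua or from the show: a small Python audit that flags every `uses:` reference in a workflow that is not pinned to a full 40-character commit SHA (or, for `docker://` references, an image digest). The sample workflow, the `example-org` names and the placeholder SHA are constructed for illustration.

```python
import re
import sys
from pathlib import Path

# `uses:` as a step key ("- uses:") or job key (reusable workflow), quotes optional.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*["']?([^"'\s#]+)["']?""")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
DOCKER_DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")

# Constructed sample workflow; the 40-hex SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: scan
on: push
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Trivy
        uses: aquasecurity/trivy-action@master
      - uses: example-org/pinned-action@0123456789abcdef0123456789abcdef01234567  # v1.2.3
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      # - uses: commented/out@v1
  reuse:
    uses: example-org/shared/.github/workflows/build.yml@main
"""


def classify(ref):
    """Return 'local', 'pinned' or 'mutable' for one `uses:` value."""
    if ref.startswith(("./", "../")):
        return "local"  # same repository, versioned together with the workflow
    if ref.startswith("docker://"):
        return "pinned" if DOCKER_DIGEST_RE.search(ref) else "mutable"
    _, sep, version = ref.rpartition("@")
    if not sep:
        return "mutable"  # no version at all
    # Tags, branches and abbreviated SHAs can all be moved or be ambiguous.
    return "pinned" if FULL_SHA_RE.match(version) else "mutable"


def audit_workflow(text, path="<workflow>"):
    """Return (path, line number, reference) for every mutable reference."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented-out steps do not run
        match = USES_RE.match(line)
        if match and classify(match.group(1)) == "mutable":
            findings.append((path, lineno, match.group(1)))
    return findings


def audit_tree(root="."):
    """Audit every workflow file under <root>/.github/workflows."""
    findings = []
    workflows = Path(root) / ".github" / "workflows"
    for pattern in ("*.yml", "*.yaml"):
        for wf in sorted(workflows.glob(pattern)):
            findings += audit_workflow(wf.read_text(encoding="utf-8"), str(wf))
    return findings


if __name__ == "__main__":
    results = audit_tree(sys.argv[1]) if len(sys.argv) > 1 else audit_workflow(SAMPLE_WORKFLOW, "sample.yml")
    for path, lineno, ref in results:
        print(f"{path}:{lineno}: not pinned to a commit SHA: {ref}")
    sys.exit(1 if results else 0)
```

A full SHA pins the action's own code only; anything the action downloads at run time still needs its own version and checksum controls.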

30:51 Hacker hijacks Axios open-source project, used by millions, to push malware

  • A hacker compromised a maintainer account for the Axios JavaScript library on npm, pushing malicious versions that included a remote access trojan targeting Windows, macOS, and Linux users. 
  • Axios receives over 100 million weekly downloads, making the potential exposure substantial.
  • The attack window was approximately three hours before being detected and stopped, but security firm Aikido advises anyone who downloaded Axios during that period to treat their system as compromised. The self-deleting malware complicates forensic investigation and detection.
  • Account takeover was the entry point here, with the attacker replacing the legitimate maintainer’s email to delay recovery. This highlights how a single compromised developer credential can weaponize a widely trusted package against an entire downstream ecosystem.
  • This is another example of a software supply chain attack, a pattern that has affected SolarWinds, Log4j, and Polyfill.io in recent years. Developers and security teams should be reviewing dependency monitoring practices and considering tools that detect unexpected package version changes automatically.
  • For cloud-focused teams, any CI/CD pipeline or serverless function that auto-installs npm dependencies without version pinning or integrity checks is a potential exposure point. Locking dependency versions and using tools like StepSecurity or Aikido for supply chain monitoring are practical mitigations worth discussing.
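The version-pinning and integrity-check point in the last bullet can be audited before a pipeline ever runs an install. This added example (not from the show or from any vendor named above) reads a `package.json` and a `package-lock.json` in the npm v2/v3 lockfile layout and reports floating version specifiers, lock entries without a `sha512` integrity hash, and tarballs resolved from outside the registry. The package names other than axios, the versions, the hashes and the registry allow-list are constructed assumptions.

```python
import json
import re

REGISTRY = "https://registry.npmjs.org/"  # assumption: only the public registry is allowed
EXACT_RE = re.compile(r"^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$")

# Constructed sample manifests; versions and hashes are placeholders.
SAMPLE_PACKAGE_JSON = json.loads("""
{
  "name": "constructed-app",
  "dependencies": {"axios": "^1.0.0", "example-lib": "2.3.4"},
  "devDependencies": {"example-tool": "latest"}
}
""")

SAMPLE_LOCK = json.loads("""
{
  "name": "constructed-app",
  "lockfileVersion": 3,
  "packages": {
    "": {"name": "constructed-app"},
    "node_modules/axios": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/axios/-/axios-1.0.0.tgz",
      "integrity": "sha512-CONSTRUCTED0000000000000000000000000000000000=="
    },
    "node_modules/example-lib": {
      "version": "2.3.4",
      "resolved": "https://registry.npmjs.org/example-lib/-/example-lib-2.3.4.tgz"
    },
    "node_modules/example-tool": {
      "version": "0.1.0",
      "resolved": "https://downloads.example.invalid/example-tool-0.1.0.tgz",
      "integrity": "sha1-CONSTRUCTED000000000000000="
    },
    "node_modules/axios/node_modules/bundled-dep": {"version": "1.0.0", "inBundle": true}
  }
}
""")


def floating_specs(package_json):
    """Return {name: spec} for every dependency not declared as one exact version."""
    floating = {}
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in package_json.get(section, {}).items():
            if not EXACT_RE.match(spec):
                floating[name] = spec  # ranges, dist-tags, git and URL specs
    return floating


def lock_findings(lock):
    """Return (package, problem) pairs for lockfile entries that weaken verification."""
    findings = []
    for path, entry in lock.get("packages", {}).items():
        # Skip the root project, workspace links and deps shipped inside a parent tarball.
        if path == "" or entry.get("link") or entry.get("inBundle"):
            continue
        name = path.rpartition("node_modules/")[2]
        integrity = entry.get("integrity", "")
        resolved = entry.get("resolved", "")
        if not integrity:
            findings.append((name, "missing integrity"))
        elif not integrity.startswith("sha512-"):
            findings.append((name, "integrity is not sha512"))
        if resolved and not resolved.startswith(REGISTRY):
            findings.append((name, "resolved outside registry"))
    return findings


if __name__ == "__main__":
    for name, spec in floating_specs(SAMPLE_PACKAGE_JSON).items():
        print(f"package.json: {name} uses floating spec {spec!r}")
    for name, problem in lock_findings(SAMPLE_LOCK):
        print(f"package-lock.json: {name}: {problem}")
```

A clean report only helps if the pipeline installs with `npm ci`, which installs from the lockfile and fails when it disagrees with `package.json`.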

31:49 Jonathan – “I just can’t believe how much trust, blind trust, dumb trust, if you want to call it that, is involved in an awful lot of open source projects. I mean, the entirety of PyPy – I’ve got a module on PyPy – I could commit some bad code to my repo in 15 minutes; if somebody installs my package, it’s going to run. I’m not aware of a great deal of security checks that happen automatically on the backend there, but that entire ecosystem is built on trust. It’s not good at all.”

AI Is Going Great – Or How ML Makes Money 

34:06 Entire Claude Code CLI source code leaks thanks to exposed map file

  • Anthropic accidentally shipped Claude Code npm version 2.1.88 with an exposed source map file, revealing nearly 2,000 TypeScript files and over 512,000 lines of code for the CLI tool. 
  • Anthropic confirmed it was a packaging error, not a security breach, and stated that no customer data or credentials were exposed.
  • The leaked code has already been archived, posted to a public GitHub repository, and forked tens of thousands of times, meaning the codebase is effectively public regardless of any takedown efforts. 
  • This gives competitors and developers a detailed look at how Anthropic built its agentic coding tool.
  • Developers analyzing the code have surfaced technical details about Claude Code’s memory architecture, including background memory rewriting and memory validity verification steps. 
  • These implementation details were previously undocumented and give insight into how the tool manages context across long coding sessions.
  • For cloud developers and teams evaluating AI coding tools, the leak provides an unusually transparent view into the engineering decisions behind a production agentic CLI, which could inform how teams build or evaluate similar tooling. It also raises a practical reminder about source map hygiene in npm package publishing pipelines.

35:51 Jonathan – “The question is, did you really need the unobfuscated source code anyway? You’ve got AI tools. You can literally point Claude at it and say, hey, how does this work? I know because I did it a year ago.”

AWS

37:39 Customize your AWS Management Console experience with visual settings including account color, region and service visibility

  • AWS introduced User Experience Customization (UXC) in August 2025 and is now expanding it with the ability to hide unused Regions and services from the console, reducing visual clutter for teams working in scoped environments.
  • Account color coding is a practical multi-account management tool, letting administrators assign colors like red for production and orange for development to reduce the risk of accidental changes in the wrong environment.
  • The visibility settings are cosmetic only and do not restrict access via AWS CLI, SDKs, or APIs, so teams should not confuse this with a security or governance control like Service Control Policies.
  • Administrators can manage these settings programmatically using a new AWS CloudFormation resource type AWS::UXC::AccountCustomization with visibleServices and visibleRegions parameters, making it deployable at scale across accounts.
  • There is no additional cost mentioned for UXC customization features, and they are available today in the AWS Management Console with configuration options accessible through the unified settings gear icon.

39:26 AWS Lambda supports up to 32 GB of memory and 16 vCPUs for Lambda Managed Instances

  • Lambda Managed Instances now supports up to 32 GB of memory and 16 vCPUs, tripling the previous limits of 10 GB and roughly 6 vCPUs, which opens the door for workloads like media transcoding, large-scale data processing, and scientific simulations to run serverlessly.
  • A notable addition here is the configurable memory-to-vCPU ratio at 2:1, 4:1, or 8:1, giving developers actual control over resource balance rather than the fixed proportional scaling that standard Lambda has always used.
  • Lambda Managed Instances run functions on managed EC2 instances with built-in routing, load balancing, and auto-scaling, so customers get specialized compute configurations, including the latest-generation processors and high-bandwidth networking without taking on operational overhead.
  • Pricing will be worth watching closely since Lambda Managed Instances sit in a different cost tier than standard Lambda, and teams should evaluate whether the compute gains justify the cost difference compared to running equivalent workloads on ECS or EKS.
  • Configuration is available through the AWS Console, CLI, CloudFormation, CDK, and SAM in all regions where Lambda Managed Instances are generally available, so adoption fits into existing infrastructure-as-code workflows without requiring new tooling.

40:18 Jonathan – “Lambda’s already pretty cheap to begin with, though. I wonder quite how much they could charge for managing the control plane, and are you still paying for the compute? Not a lot, I would think. Maybe they charge per host, or a small fixed fee per invocation, or something. It’s going to be interesting.”

41:56 AWS launches frontier agents for security testing and cloud operations | Artificial Intelligence

  • AWS has launched two generally available frontier agents: AWS Security Agent for autonomous penetration testing and AWS DevOps Agent for incident resolution and SRE tasks. 
  • These differ from typical AI assistants in that they operate independently for hours or days without constant human direction to complete complex, multi-step workflows.
  • AWS Security Agent ingests source code, architecture diagrams, and documentation to identify attack chains that traditional scanners miss, compressing penetration testing timelines by over 90% according to early customers. This shifts pen testing from a periodic, cost-constrained activity to an on-demand capability available 24/7 across an entire application portfolio.
  • AWS DevOps Agent integrates with a broad set of existing tools, including CloudWatch, Datadog, Dynatrace, Splunk, GitHub, and Azure DevOps, making it usable across multicloud and on-premises environments. Preview customers report up to 75% lower MTTR and 94% root cause accuracy, with WGU cutting one incident resolution from two hours to 28 minutes.
  • The DevOps Agent can work alongside tools like Kiro and Claude Code to not only identify root causes but generate validated fixes that feed back into CI/CD pipelines, moving the capability beyond investigation into actual remediation.
  • Pricing details are not specified in the announcement, so teams evaluating these services should check the AWS Security Agent and AWS DevOps Agent product pages directly for current cost information before planning adoption.

43:07 Jonathan – “Let me just scratch DevOps off my list of potential jobs.” 

46:22 Amazon Bedrock AgentCore Evaluations is now generally available

  • Amazon Bedrock AgentCore Evaluations is now generally available, offering automated quality assessment for AI agents through two modes: online evaluation that continuously samples and scores live production traffic, and on-demand evaluation that plugs into CI/CD pipelines for regression testing.
  • The service ships with 13 built-in evaluators covering response quality, safety, task completion, and tool usage, reducing the need for teams to build custom scoring logic from scratch before they can start measuring agent behavior.
  • For teams with domain-specific needs, custom evaluators can be configured using your own prompts and model choice for LLM-based scoring, or implemented as Python or JavaScript functions hosted in Lambda for code-based evaluation logic.
  • Ground Truth support lets developers measure agents against reference answers, behavioral assertions at the session level, and expected tool execution sequences, giving teams a structured way to define and validate what correct agent behavior actually looks like.
  • AgentCore Evaluations integrates with AgentCore Observability for unified monitoring and real-time alerts, and is available across nine AWS regions, including US East, US West, multiple Asia Pacific regions, and two European regions. Pricing details are not specified in the announcement, so check the AWS pricing page for current costs.

47:17 Justin – “I like the idea of this, but then if you’re continuously monitoring it and it degrades, what do you do? What’s step two? Like, we detected it, cool, now what?”

57:10 Build a FinOps agent using Amazon Bedrock AgentCore

  • AWS published a reference architecture for building a FinOps agent using Amazon Bedrock AgentCore that consolidates data from Cost Explorer, AWS Budgets, and Compute Optimizer into a single conversational interface, giving finance teams natural language access to cost analysis without navigating multiple consoles.
  • The solution uses five CDK stacks to wire together AgentCore Runtime, Gateway, Memory, and Identity components alongside the Strands Agent SDK and Model Context Protocol servers, showing how these newer AgentCore building blocks fit together in a production-style deployment that takes roughly 15-20 minutes to stand up.
  • AgentCore Memory retains 30 days of conversation context, which means users can ask follow-up questions like “what about the second one?” without re-explaining prior context, a practical improvement for teams doing iterative cost investigations.
  • The architecture transforms open-source AWS Labs MCP servers from stdio transport to streamable HTTP, builds them as ARM64 Graviton container images, and hosts them on AgentCore Runtime with JWT authorization, which is a useful pattern for teams looking to adapt existing MCP tooling for hosted agent environments.
  • Pricing for this solution involves multiple services, including Bedrock model inference with Claude Sonnet 4.5, AgentCore Runtime and Memory, Cognito, CodeBuild, and ECR, so costs will vary based on query volume and conversation history retention rather than a flat rate.

58:31 Dave – “I can’t wait to kick the tires on that one!” 

59:03 Building an AI-powered system for compliance evidence collection

  • AWS published a reference architecture for automating compliance evidence collection using Amazon Bedrock with the Amazon Nova 2 Lite model and a browser extension for Chrome and Firefox.
  • The solution replaces manual screenshot workflows by executing pre-defined JSON workflows that navigate web applications, capture timestamped screenshots, and store organized evidence in S3.
  • The AI layer operates in three modes: chat for ad-hoc compliance questions, designer mode for generating workflow JSON from uploaded compliance documents, and report generation mode that produces an HTML report delivered via Amazon SES after workflow completion.
  • Authentication uses Amazon Cognito with AWS STS to provide scoped, least-privilege credentials to the browser extension, meaning the extension only gets access to Bedrock, S3, and SES rather than broad account permissions.
  • The entire infrastructure deploys via a single CloudFormation template that creates the Cognito user pool, identity pool, S3 bucket with encryption and versioning, IAM roles, and Lambda functions in minutes. The sample code is available at the aws-samples GitHub repository.
  • Costs will vary based on Amazon Bedrock Nova 2 Lite inference usage, S3 storage for screenshots and reports, and SES sending volume, so organizations with frequent audit cycles should model their expected workflow execution frequency before deploying at scale.

1:00:00 Jonathan – “Screenshots? Why are we using screenshots in 2026?” 

GCP

1:00:46  TurboQuant: Redefining AI efficiency with extreme compression

  • Google Research has published TurboQuant, a vector quantization algorithm that compresses LLM key-value cache data to as low as 3 bits without requiring model retraining or fine-tuning, while maintaining accuracy on standard benchmarks like LongBench and Needle In A Haystack using Gemma and Mistral models.
  • The core technical approach combines two sub-algorithms: PolarQuant, which converts vectors to polar coordinates to eliminate normalization overhead, and QJL (Quantized Johnson-Lindenstrauss), which uses a single sign bit per value to achieve zero memory overhead error correction.
  • Performance results show 4-bit TurboQuant achieves up to 8x speedup in computing attention logits compared to 32-bit unquantized keys on H100 GPUs, and reduces key-value memory footprint by at least 6x, which is relevant for teams running inference at scale.
  • For vector search use cases, TurboQuant outperforms existing methods like PQ and RabbiQ on recall ratios without requiring dataset-specific tuning or large codebooks, making it a practical option for semantic search systems operating over billions of vectors.
  • Google notes this research applies directly to Gemini’s key-value cache bottlenecks and large-scale search infrastructure, though no specific GCP product integration or pricing details have been announced alongside the research publication.

1:02:28 Jonathan – “What’s funny about this whole technology is that the video game industry has been using exactly the same algorithms for 25 years. And this is just a new application of the same technology. It’s kind of funny. Hey guys, we’ve got a new paper out!”

1:03:41 AI Tools for Sustainable Infrastructure and Reporting

  • Google published an open-source AI playbook for sustainability reporting, documenting how they used Gemini to cross-reference environmental claims against internal policies and NotebookLM to turn their static Environmental Report into a queryable knowledge base. 
  • The playbook includes specific prompts and lessons learned, making it a practical resource for teams building similar workflows.
  • Equinix built a sustainability data lake in BigQuery that automatically ingests data from 240+ global sites, reducing their reporting cycle from weeks of manual spreadsheet work to on-demand insights. This was driven by a 46% year-over-year increase in customer sustainability data requests, which made manual processes unsustainable at scale.
  • The Equinix case illustrates a cost and efficiency argument for serverless architecture, where moving to BigQuery eliminated idle compute resources, reduced energy consumption, and improved performance per watt. Google frames this as a triple win of price, performance, and environmental footprint.
  • Google is connecting this work to their Well-Architected Framework sustainability pillar, using a 4Ms model covering Machine, Model, Mechanization, and Map as a structured approach for customers designing efficient AI and data infrastructure. 
  • The WAF sustainability pillar documentation is available here.
  • The practical takeaway for GCP customers is that sustainability reporting can shift from a manual compliance exercise to a data product with strategic value, particularly for organizations managing large real estate or infrastructure footprints where energy and resource data is already being collected across many sites.

Azure

1:04:36 Public Preview: AI Agent for container networking troubleshooting

  • Azure has launched a public preview of an AI agent designed to help engineers troubleshoot Kubernetes networking issues through a lightweight web-based interface, addressing the common problem of logs and metrics being scattered across multiple tools.
  • The core value here is reducing manual correlation work during incidents, where engineers typically have to jump between kubectl, Azure Monitor, and other diagnostics tools to piece together what went wrong in a cluster network.
  • This fits into Microsoft’s broader push to embed AI assistance directly into operational workflows rather than requiring engineers to leave their environment and consult separate documentation or support channels.
  • Target users are platform and DevOps engineers running containerized workloads on Azure Kubernetes Service who deal with networking incidents and want faster root cause identification without deep networking expertise.
  • The feature is currently in public preview, so pricing details are not yet confirmed, and teams should evaluate it with that in mind before building it into critical incident response workflows. More details are available at the Azure Updates page at azure.microsoft.com/en-us/updates with ID 557887.

1:05:33 Dave – “Well, my first thought on this is that if most teams, at least that I’ve built, are already pulling all that data in there and finding a way to correlate the data and we resolve those issues quicker. So good for them for just automating that.”

Closing

And that is the week in the cloud! Visit our website, the home of the Cloud Pod, where you can join our newsletter, Slack team, send feedback, or ask questions at theCloudPod.net or tweet at us with the hashtag #theCloudPod.





Download audio: https://episodes.castos.com/5e2d2c4b117f29-10227663/2416816/c1e-5rkrb71843hq6xko-ww4zzgjvh9gp-0sqnto.mp3

Adding an MCP Server to the WordPress Core Development Environment


I wanted to hook up Claude Code to be able to interact with my local wordpress-develop core development environment via MCP (Model Context Protocol). I couldn’t find documentation specifically for doing this, so I’m sharing how I did it here.

This assumes you have set up the environment (with Docker) and started it via npm run env:start.

1. Install & Activate the MCP Adapter plugin

The MCP adapter is not currently available as a plugin to install from the plugin directory. You instead have to obtain it from GitHub and install it from the command line. I installed it as a plugin instead of as a Composer package:

cd src/wp-content/plugins
git clone https://github.com/WordPress/mcp-adapter
cd mcp-adapter
composer install

Next, activate the plugin. Naturally, you can just activate the “MCP Adapter” plugin from the WP admin. You can also activate it via WP-CLI (but from the project root working directory, since you can’t run this command from inside of the mcp-adapter directory):

npm run env:cli -- plugin activate mcp-adapter

2. Register the MCP server with Claude

Here’s the command I used to register the wordpress-develop MCP server with Claude:

claude mcp add-json wordpress-develop --scope user '{"command":"npm", "args":["--prefix", "~/repos/wordpress-develop/", "run", "env:cli", "--", "mcp-adapter", "serve", "--server=mcp-adapter-default-server", "--user=admin"]}'

Here’s the JSON with formatting:

{
	"command": "npm",
	"args": [
		"--prefix",
		"~/repos/wordpress-develop/",
		"run",
		"env:cli",
		"--",
		"mcp-adapter",
		"serve",
		"--server=mcp-adapter-default-server",
		"--user=admin"
	]
}

You may want to remove --scope user if you just want to register the MCP server for the one project. I tend to re-use the same WP environment for multiple projects (core and plugins), so I think it may make it easier for me to install at the user level instead.

You will also need to change the --prefix arg’s ~/repos/wordpress-develop/ value to correspond to where the repo is actually cloned on your system. I include this arg here so that when I start claude inside of a plugin project (e.g. inside src/wp-content/plugins/performance), it is able to successfully run the npm command in the package.json in the ancestor directory. You can remove this --prefix arg if this is not relevant to you.

Change the user from admin according to your needs.

3. Expose all abilities to MCP

Registered abilities are not exposed to MCP by default. This is a safety measure so that AI agents have to be explicitly allowed to perform potentially sensitive actions. So without any plugins active other than the MCP Adapter, prompting Claude with “discover abilities” results in:

No abilities found. The MCP server connection may be unstable. Try reconnecting again with /mcp.

However, since this is a local development environment, there is no concern about this (for me at least). To opt in all abilities to be exposed to MCP by default, you can use the following plugin code:

add_filter(
	'wp_register_ability_args',
	static function ( array $args ): array {
		if ( wp_get_environment_type() === 'local' ) {
			$args['meta']['mcp']['public'] = true;
		}
		return $args;
	}
);

This is also available in a gist, to facilitate installation via Git Updater.

Note: This filter does not currently apply if your ability is registered by extending Abstract_Ability in the AI plugin.

At this point, I can now open Claude (or re-connect to the MCP server) and see that it is able to see all (er, most) abilities that are registered on my wordpress-develop env with the same prompt “discover abilities”:

3 WordPress abilities available:

core/get-environment-info — Returns runtime context (PHP, database, WordPress version) with the ability name.

core/get-site-info — Returns site information (all fields or filtered subset)

core/get-user-info — Returns current user profile details

When I prompt “what’s the environment info?” it executes the core/get-environment-info ability via MCP and prints out:

  • Environment: local
  • PHP Version: 8.3.26
  • Database Server: 8.4.8 (MySQL)
  • WordPress Version: 7.1-alpha-62161-src

Now the environment just needs more abilities! I’ve filed a Performance Lab issue for us at the Core Performance table to work on adding abilities during Contributor Day at WordCamp Asia tomorrow.



The post Adding an MCP Server to the WordPress Core Development Environment appeared first on Weston Ruter.


18 new features coming to Windows 11 in 2026, confirmed by Microsoft


As it turns out, Microsoft’s “Windows quality” push is bigger than expected. The company’s blog sure felt like an admission that Windows 11 had gone off track, and more importantly, it was a clear plan to fix the OS.

Windows chief, Pavan Davuluri, laid out the roadmap, but it didn’t stop there. Engineers, designers, and product leads started responding to users directly on X, confirming features, explaining decisions, and in some cases, openly agreeing with criticism. It’s a system-wide reset for Windows 11.

Windows 11 connectivity

Microsoft is targeting almost every part of the OS at once. UI consistency, performance under load, reliability across hardware, Windows Update behavior, developer tooling, and even how first-party apps are built (which is what excites me the most). A few changes are already rolling out in Insider builds, some are coming in April, and the rest are planned throughout 2026.

It’s also the first time in years where multiple teams inside Microsoft seem aligned on a single goal to make Windows faster, calmer, and more predictable to use.

This is easily the most comprehensive set of changes planned for Windows 11 so far. So, we did the hard research, scoured through the X posts and replies, and made a full list of all confirmed features coming to Windows this year.

1. Taskbar finally becomes customizable again

Movable taskbar is one of those features that should’ve never been removed in the first place. Fortunately, Windows 11 is finally bringing back the ability to move the taskbar to the top, left, or right side of the screen.

Windows 11 taskbar top
Image Source: Microsoft | Screenshot captured by Windows Latest

This has been one of the most requested features since Windows 11’s launch, especially from users with vertical monitors and multi-display setups. Soon, you’ll be able to reposition it directly from the right-click menu.

On top of that, Microsoft is also working on proper taskbar resizing. Not just smaller icons, but a compact taskbar mode similar to Windows 10. Early builds also suggest multiple size options, which should make the UI more usable on smaller screens.

2. Start menu is getting speed, control, and native code

The Start menu is finally going back to basics. Microsoft is moving core parts of the Start menu away from React-based components to native WinUI. This is a big change. The current Start menu uses a mix of web-based layers, which is one of the reasons it sometimes feels slower than it should.

The Start menu Recommendation section was also based on React, and is now getting options to disable it or control what appears there.

Recommendations in Start menu

By moving to WinUI 3, Microsoft can reduce interaction latency at the platform level, making it potentially feel as snappy as earlier versions of Windows.

Windows Search results will prioritize installed apps and system components instead of mixing in irrelevant web suggestions. Microsoft is also tweaking the ranking system, so frequently used apps actually show up where you expect them to.

Microsoft Store in Windows Search

3. Copilot is being scaled back and made optional

Microsoft is finally dialing things down with Copilot. Over the past year, AI features were pushed into almost every part of Windows, including apps like Notepad, Photos, Snipping Tool, and File Explorer.

Notepad with Copilot icon

Now, Microsoft has confirmed it’s removing unnecessary Copilot entry points across these apps and focusing only on scenarios where it adds value. The goal is to make AI feel intentional.

Note that Copilot can already be uninstalled like any other app.

But this doesn’t mean that Microsoft is ditching Copilot. Features like Narrator working with Copilot across devices, which is coming soon, show that Microsoft still sees AI as important, just not everywhere.

4. Windows Update is being completely rethought

Windows Update might finally stop being a meme. Microsoft is introducing long-requested changes that give users control over updates. You’ll be able to pause updates for as long as you want, without the system forcing a restart in the background.

Pause Windows Updates Settings

The company is also moving toward a single monthly reboot model, aligned with the Patch Tuesday update that arrives on the second Tuesday of each month.

5. Windows setup (OOBE) is becoming faster and less restrictive

Setting up a new Windows laptop or PC has felt long to the point of massive annoyance. Windows Latest recently did a full breakdown of all the things that happen during Windows 11 Setup, and we found the process took more than an hour. Microsoft has now confirmed that this is finally changing.

The company is streamlining the entire out-of-box experience. Fewer steps, no reboots, and less clutter during setup. Instead of pushing services, apps, and sign-ins at every screen, the new OOBE will get you to the desktop faster.

Microsoft ad for Microsoft 365 Personal during Windows 11 setup

There’s also internal pushback against forcing a Microsoft account during setup, which may be the most criticized part of Windows 11. Senior engineers have openly said they’re working on an MSA-free setup option.

There is no way to skip sign in during Windows 11 setup

This is clearly a response to two things: setup takes too long, and users feel like they’re being pushed into an ecosystem before they even start using the PC.

Also, Windows updates during OOBE are responsible for it taking 45 minutes. Soon, you’ll be able to skip updates entirely. All these may finally make Windows 11 setup feel as fast as setting up a new MacBook!

Windows update is downloading during Setup

6. File Explorer is getting real performance fixes

Microsoft has already improved the launch speed of File Explorer by preloading parts of Explorer in the background. Now, more improvements to the app are coming soon. UI flicker is being reduced, navigation is becoming smoother, and basic interactions are being optimized.

File Explorer is getting faster in 2026

Search inside Explorer is also getting faster and more reliable, which has been a long-standing issue. Large file transfers, another weak point, are being made more stable to avoid slowdowns and random failures.

Galaxy Book 6 Ultra crashes during extreme file transfer. Source Max Tech via YouTube

On top of that, smaller usability updates are being added. Voice typing for renaming files is already rolling out, and more incremental improvements are expected over the next few months.

Renaming files with Voice Typing

7. Windows is finally fixing dark mode inconsistencies

Windows 11 looks modern until you open the wrong dialog box. Microsoft is now going through legacy and system UI elements and bringing proper dark mode support across the board. This includes the Run dialog, account dialogs, file property windows, Registry Editor, and various operation pop-ups that still default to light mode.

Microsoft Account dialogue box is in light mode, despite the system preference being set to dark mode

Design inconsistency has been one of the most visible issues in Windows 11, and fixing it requires touching dozens of small components across the OS.

Windows Design and Research lead talks about extending dark mode to more parts of the OS

Microsoft’s Partner Director of Design, March Rogers, said that the company is focusing on fixing the designs of various elements, pages, and settings in Windows 11. It’s great to know that Windows is getting a much-needed design treatment.

8. Settings app redesign while Control Panel migration continues

As first noted by Windows Latest, Microsoft is still working toward replacing the Control Panel, but now it’s clear why it’s taking so long.

More Settings pages are being redesigned for clarity, including cleaner layouts and better grouping of options. Network and printer settings, which still depend heavily on the Control Panel, are gradually being moved into the modern Settings app.

Some network settings are still tied to the Control Panel

But the transition isn’t simple.

As Microsoft’s Partner Director of Design has explained, a lot of these legacy controls are tied to drivers, hardware behavior, and enterprise workflows. Moving them too quickly risks breaking devices that still count on older systems. So the migration is slow by design.

Control Panel in Windows 11

Windows can’t just drop legacy systems the way macOS does. It has to carry them forward without breaking compatibility, and that makes every UI change more complicated.

9. System performance and responsiveness improvements

A lot of Windows 11’s problems come down to how it feels to use, not just what it looks like. Microsoft is reducing baseline RAM usage across the OS, which should free up memory for apps and improve multitasking, especially on lower-end devices. At a time when RAM prices are soaring, Windows using too much memory even when idle isn’t ideal.

Microsoft is fixing high RAM usage in Windows 11

At the same time, the company is reducing interaction latency by moving more components to native WinUI 3. Right now, many parts of Windows use WebView2 and other layered UI systems, which introduce delays between input and response.

With a native UI, Microsoft can cut down this overhead. The result should be faster clicks, smoother animations, and a more consistent feel across the system.

10. Hardware reliability fixes across the system

Performance doesn’t matter much if basic hardware doesn’t work reliably. Microsoft is focusing heavily on stability across drivers and connected devices, like reducing system crashes, improving driver quality, and making for better hardware interactions.

Bluetooth is getting fixes for random disconnects and pairing issues. USB reliability is being improved to reduce connection failures. Camera and microphone behavior is also being stabilized, particularly for work and video calls.

Bluetooth & devices page in Settings

For an OS that runs on a massive range of hardware, this is a very important part of the entire list of fixes coming to Windows 11.

11. New Bluetooth and audio capabilities

A new shared audio feature will let you play sound through two Bluetooth devices at the same time. That means you can connect two headphones or speakers and mirror audio without third-party tools.

Shared audio settings in Windows 11 for Bluetooth devices

At the same time, Quick Actions is being fixed. Bluetooth randomly disappearing, pairing failures, and inconsistent device switching are all being addressed. Microsoft has already confirmed this is part of a wider push to make connections faster and more reliable.

12. Windows Hello is getting more reliable

Microsoft is improving Windows Hello biometric authentication, targeting both facial recognition and fingerprint sensors. Enhancements include more reliable facial recognition so users can trust sign-in to work consistently when needed, faster and more dependable fingerprint sign-in with fewer retries and failed attempts, and better support for different hardware setups.

Windows Hello Settings

Microsoft is also making secure sign-in easier on gaming handhelds (such as the ROG Xbox Ally X) by adding full gamepad support for PIN creation during initial setup and in Settings.

13. Better haptic feedback and touchpad features

Windows is getting haptic feedback for window actions like snapping, resizing, and closing. At a time when more Windows 11 laptops are getting haptic touchpads, this is a very welcome change.

Existing gesture controls in Windows 11

Speaking of touchpads, a new update will also add an option to choose how large the right-click zone is on the touchpad. There would be default, small, medium, and large options; a single-finger click inside the zone would trigger a right-click.

14. WSL is getting major developer-focused upgrades

Microsoft isn’t ignoring developers while fixing Windows. In fact, WSL is getting some of the most meaningful upgrades in this entire roadmap.

File access between Linux and Windows, especially through /mnt/c, is being optimized for faster read and write speeds. This has been one of the biggest pain points for developers working across environments.

Ubuntu running via Windows Subsystem for Linux. Source: Ubuntu

Network performance is also improving, with better throughput and more reliable localhost communication in WSL2, which matters for anyone running dev servers, containers, or backend services locally.

Network issue in WSL
Source: Ask Ubuntu forum

Onboarding is being simplified as well. Fewer steps to get started, less friction when installing distributions, and better defaults.

For enterprise use, Microsoft is adding stronger policy controls and security layers, making WSL more viable in managed environments. Microsoft wants to keep developers on Windows instead of losing them to macOS or Linux.

15. Microsoft is making 100% native first-party apps for Windows 11

Microsoft is putting together a dedicated team to build fully native Windows apps, reducing reliance on WebView2 and web-based wrappers. This was confirmed by Partner Architect Rudy Huyn, who is actively hiring for this initiative.

Microsoft Clipchamp open in Windows desktop

After years of leaning on web technologies, Microsoft is moving back toward native performance and tighter OS integration.

Windows Latest’s analysis made it clear why Windows 11 keeps getting web apps instead of native apps. If Microsoft wants developers to take native frameworks seriously again, it has to lead by example. Building first-party native apps without web layers is a step in the right direction.

16. New Feature Flags system can replace ViVeTool

For years, power users used third-party tools like ViVeTool to enable hidden Windows features. Microsoft is now bringing that capability into the OS itself.

A new Feature Flags page in Settings will let Insider users toggle experimental features directly, without external tools.

Microsoft is adding a Feature Flags page under Windows Insider Program settings. Source: phantomofearth via X

This is clearly aimed at testers and enthusiasts, as it has a warning sign, but it also shows a change in how Microsoft handles experimentation. Instead of hiding everything behind unofficial tools, it’s making the process more transparent and accessible.

17. Feedback Hub and Insider experience improvements

The Feedback Hub is getting a redesign with faster submission, a cleaner interface, and better interaction with other users. The goal is to make reporting issues feel less like a chore.

Upcoming Feedback Hub update in Windows 11 showing the redesigned home screen and new feedback form. Source: Microsoft

The Windows Insider Program is also being updated. Clearer channel selection, better explanations of what each build offers, and more visibility into how feedback is used.

18. A quieter Windows with fewer ads and interruptions

Let’s just say I saved the best for last. Windows is becoming a quieter OS.

That includes reducing upsells for Edge, Bing, and Microsoft 365, cutting down intrusive prompts, and making the overall experience less aggressive. This has been directly acknowledged by Microsoft leadership, including Scott Hanselman.

It also ties into changes in Widgets, notifications, and even setup. The OS is being redesigned to interrupt less and stay out of your way.

Present day Discover feed in Widgets in Windows 11

Widgets are being dialed back. Instead of pushing content aggressively, Microsoft is introducing quieter defaults, better personalization, and more control over what shows up in the feed. The Discover section, in particular, is being cleaned up to feel less like a content dump.

When is Windows 11 getting all these updates?

Microsoft isn’t shipping this as one big update, and that’s probably a good thing.

The first wave is already rolling out to Windows Insiders, with more features landing through April. From there, everything moves into monthly updates throughout 2026, first as optional preview updates, and then into standard Patch Tuesday releases.

Some changes, like File Explorer fixes, Start menu improvements, and reduced Copilot clutter, are arriving early. Others, like deeper performance optimizations, native app transitions, and system-wide consistency fixes, will take longer and roll out gradually over the year.

Microsoft is making a year-long grind to rebuild Windows 11, and for the first time, this feels like a genuine effort.

The post 18 new features coming to Windows 11 in 2026, confirmed by Microsoft appeared first on Windows Latest


Microsoft’s executive shake-up continues as developer division chief resigns


Microsoft is losing another veteran executive. Julia Liuson, head of Microsoft's developer division (DevDiv), is resigning from the software giant after 34 years. Liuson spent the past 12 years leading Microsoft's developer business, during a period Microsoft focused more on open source projects and acquired GitHub for $7.5 billion.

Liuson will continue as head of DevDiv until the end of June, and then move to an "advisory role" reporting to Microsoft CoreAI chief Jay Parikh, according to an internal memo seen by The Verge. It's not immediately clear who will replace Liuson, or whether the DevDiv team will simply report up to Parikh in the …

Read the full story at The Verge.


Reclaim Developer Hours through Smarter Vulnerability Prioritization with Docker and Mend.io


We recently announced the integration between Mend.io and Docker Hardened Images (DHI), which provides a seamless framework for managing container security. It automatically distinguishes between base image vulnerabilities and application-layer risks, and it uses VEX statements to differentiate between exploitable vulnerabilities and non-exploitable vulnerabilities, allowing your team to prioritize what really matters.

TL;DR: The Developer Value Proposition

The hallmark of this integration is its zero-configuration setup.

  • Automatic Detection: Mend.io identifies DHI base images automatically upon scanning. No manual tagging or configuration is required by the developer.
  • Visual Indicators: Within the Mend UI, DHI-protected packages are marked with a dedicated Docker icon and informative tooltips, providing immediate transparency into which components are managed by Docker’s hardened foundation.
  • Transparent Layers: Users can inspect findings by package, layer, and risk factor, ensuring a clear audit trail from the base OS to the custom application binaries.

Dynamic Risk Triage: VEX + Reachability

Standard scanners flag thousands of vulnerabilities that are present in the file system but never executed. This integration uses two layers of intelligence to filter the noise:

  • Risk Factor Integration: Mend.io incorporates Docker’s VEX (Vulnerability Exploitability eXchange) data as a primary source of “Risk Factor” identification.
  • The “Not Affected” Filter: If a CVE is marked as not_affected by Docker’s VEX data or determined to be Unreachable by Mend’s analysis, it is deprioritized.
  • Bulk Suppression: Developers can suppress non-functional risks in bulk—potentially clearing thousands of non-exploitable vulnerabilities with a single click—allowing teams to focus on the 1% of reachable, exploitable risks in their custom layers.

Operationalizing Security with Workflows

Mend.io allows organizations to move beyond simple scanning into automated governance:

  • SLA & Violation Management: Automatically trigger violations and set remediation deadlines (SLAs) based on vulnerability severity.
  • Custom Alerts: Configure workflows to receive instant notifications (via email or Jira) whenever a new DHI is added to the environment.
  • Pipeline Gating: Use Mend’s workflow engine to fail builds only when high-risk, reachable vulnerabilities are introduced in custom code, keeping the CI/CD pipeline moving.
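
An added example (not Mend.io's or Docker's code) of the triage and gating logic described above: a VEX not_affected status suppresses a finding, an unreachable result deprioritizes it, and the build fails only on high or critical actionable findings in application layers. The OpenVEX-style statement layout, the finding fields (layer, severity, reachable) and every CVE id and package URL are assumptions constructed for illustration.

```python
"""Triage scanner findings with VEX status plus reachability, then gate a build."""

# Constructed VEX document. The statement layout (vulnerability name, product
# identifiers, status) follows OpenVEX; using that layout is an assumption,
# and every CVE id and package URL below is a placeholder.
VEX_DOC = {
    "statements": [
        {
            "vulnerability": {"name": "CVE-0000-0001"},
            "products": [{"@id": "pkg:deb/debian/libexample@1.0"}],
            "status": "not_affected",
            "justification": "vulnerable_code_not_in_execute_path",
        },
        {
            "vulnerability": {"name": "CVE-0000-0002"},
            "products": [{"@id": "pkg:deb/debian/libexample@1.0"}],
            "status": "under_investigation",
        },
    ]
}

# Constructed scanner output. "layer" separates the hardened base image from
# application layers; "reachable" is None when no analysis result exists.
FINDINGS = [
    {"cve": "CVE-0000-0001", "purl": "pkg:deb/debian/libexample@1.0",
     "layer": "base", "severity": "critical", "reachable": None},
    {"cve": "CVE-0000-0002", "purl": "pkg:deb/debian/libexample@1.0",
     "layer": "base", "severity": "high", "reachable": None},
    {"cve": "CVE-0000-0001", "purl": "pkg:pypi/libexample-bindings@2.0",
     "layer": "app", "severity": "high", "reachable": True},
    {"cve": "CVE-0000-0003", "purl": "pkg:pypi/parserlib@0.9",
     "layer": "app", "severity": "critical", "reachable": False},
    {"cve": "CVE-0000-0004", "purl": "pkg:pypi/weblib@3.1",
     "layer": "app", "severity": "medium", "reachable": None},
]

BLOCKING_SEVERITIES = {"high", "critical"}


def vex_index(doc):
    """Map (cve, product id) -> status, so a statement covers only its own products."""
    index = {}
    for statement in doc.get("statements", []):
        cve = statement["vulnerability"]["name"]
        for product in statement.get("products", []):
            index[(cve, product["@id"])] = statement["status"]
    return index


def triage(finding, index):
    """Return 'suppressed', 'deprioritized' or 'actionable' for one finding."""
    status = index.get((finding["cve"], finding["purl"]))
    if status == "not_affected":
        return "suppressed"          # VEX asserts this product is not exploitable
    if finding["reachable"] is False:
        return "deprioritized"       # analysis found the code path is never called
    # Unknown reachability (None) and 'under_investigation' stay actionable:
    # absence of evidence must not hide a finding.
    return "actionable"


def gate(findings, doc):
    """Fail only on actionable high/critical findings in application layers."""
    index = vex_index(doc)
    blockers = [
        f for f in findings
        if triage(f, index) == "actionable"
        and f["layer"] == "app"
        and f["severity"] in BLOCKING_SEVERITIES
    ]
    return (not blockers, blockers)


if __name__ == "__main__":
    idx = vex_index(VEX_DOC)
    for f in FINDINGS:
        print(f["cve"], f["purl"], f["layer"], "->", triage(f, idx))
    passed, blockers = gate(FINDINGS, VEX_DOC)
    print("build passes" if passed else f"build fails on {len(blockers)} finding(s)")
```

Note that the third finding shares a CVE id with a not_affected statement but is a different product, so the statement does not cover it and it blocks the build.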

Continuous Patching & AI-Assisted Migration

  • Automated Synchronization: For Enterprise DHI users, patched base images are automatically mirrored to Docker Hub private repositories. Mend.io verifies these updates, confirming that base-level risks have been mitigated without requiring a manual Pull Request.
  • Ask Gordon: Leverage Docker’s AI agent to analyze existing Dockerfiles and recommend the most suitable DHI foundation, reducing the friction of migrating legacy applications to a secure environment.

The Mend.io and Docker integration operationalizes this by providing an auditable trail of security declarations, ensuring compliance is a byproduct of the standard development workflow rather than a separate, manual task.

Learn more

Learn more about the integration and Docker’s VEX statements in the following links:

Read Mend’s point of view on the benefits of VEX: https://www.mend.io/blog/benefits-of-vex-for-sboms/


Agentic RAG with Ed Charbeneau

How do you make your agents more knowledgeable about your company data? Carl and Richard talk to Ed Charbeneau about Progress Agentic RAG-as-a-Service, using NucliaDB as a vector data store to organize your company information into a form an agent can work with efficiently. Ed talks about the various approaches available today for providing timely company data to agents and the power of a dedicated data store and service model so that you spend less time on plumbing and more time building a great agentic app. The products are open source and have great .NET SDKs - check them out!



Download audio: https://dts.podtrac.com/redirect.mp3/api.spreaker.com/download/episode/71125111/dotnetrocks_1997_agentic_rag.mp3