LodeHQSubscribe →

Kubernetes CVE fix, GitHub key breach, Bedrock payments

Dev · 2026-05-28

Tools & Platforms
Kubernetes corrects mislabeled CVE records for unfixed vulnerabilities4 MIN

The Kubernetes Security Response Committee is updating CVE entries for several unfixed issues that wrongly listed fixed versions. This correction, debuting June 1 2026, ensures scanners and administrators see accurate vulnerability status, reducing false negatives and clarifying the need for mitigations.

GitHub urges Enterprise Server users to rotate signing keys after internal repo breach3 MIN

GitHub disclosed a compromise of internal repositories and is mandating all GitHub Enterprise Server administrators to rotate the GPG signing keys used for binary verification. Failure to update will cause future patches and upgrades to fail verification, potentially blocking security updates.

Amazon Bedrock AgentCore adds autonomous payment capability for AI agents3 MIN

Amazon Bedrock AgentCore preview introduces managed payment features that let AI agents automatically pay for APIs, data services and other agents using Coinbase or Stripe wallets, with spend limits and compliance controls. This enables use cases such as agents purchasing real‑time market data or paid API calls during tasks.

Google's ADK Enables AI Agents to Run Weeks-Long Workflows Without Losing Context11 MIN

Google introduced the Agent Development Kit (ADK), enabling production‑grade AI agents to manage long‑running enterprise workflows that pause for days or weeks without losing context. By storing state in durable state machines instead of replaying full chat histories, ADK reduces token costs and prevents hallucinations across idle periods. The blog includes a step‑by‑step tutorial and open‑source code.

10 Open‑Source Tools Accelerating Game Development Pipelines8 MIN

GitHub Blog showcases ten OSS projects covering modeling, 2D animation, pixel art, audio, level design, and debugging UI that integrate with major engines like Unity, Unreal, and Godot, helping studios streamline asset creation and cut pipeline friction. Highlights include Blockbench, Pencil2D, Pixelorama, and others tailored for easy integration.

Code Mode lets a single MCP server expose 2,500 Cloudflare APIs in 1,000 tokens3 MIN

Matt Carey explains Cloudflare’s Code Mode, which compresses access to roughly 2,500 Cloudflare API endpoints into about 1,000 tokens via a server‑side MCP server. The approach enables agents to safely run generated code in a V8 isolate, offering a more efficient alternative to traditional tool‑calling.

GitHub Overhauls Bug Bounty to Reward High‑Quality, Low‑Risk Findings7 MIN

GitHub’s bug bounty program is being revamped to prioritize submissions with working proofs of concept and clear impact, while de‑emphasizing low‑value reports. The update clarifies scope, adds stricter eligibility criteria, and encourages validated use of AI tools in research. These changes aim to improve efficiency and reward meaningful security discoveries.

AI-Assisted Development
GitHub pilots AI accessibility agent to auto‑fix UI barriers11 MIN

GitHub is testing a general-purpose accessibility agent integrated with Copilot, offering real‑time help and automatically fixing simple accessibility issues in pull requests. The pilot has examined over 3,500 PRs, achieving a 68% resolution rate on problems such as structural clarity, control naming, announcements, alt text, and keyboard focus.

SQLite adds AGENTS.md to guide AI coding agents on contributing3 MIN

SQLite has added an AGENTS.md file to its repository, offering detailed guidelines for AI coding agents on how to interact with the codebase. The document outlines development conventions, legal constraints, and build instructions, aiming to help AI tools generate compatible contributions while preserving the project's public‑domain licensing.

Engineering Practice
Google Turns a Brittle Sales AI Prototype into a Scalable Production Agent4 MIN

In the AI Agent Clinic, Google rebuilt the "Titanium" sales‑research bot using the Agent Development Kit, breaking the monolithic script into specialized sub‑agents and injecting Pydantic schemas for structured outputs. The refactor delivers reliable, scalable production AI with clearer contracts and fault tolerance.

GitHub Launches New Accessibility Strategy Focused on Open Source Community8 MIN

GitHub unveiled an updated accessibility strategy that shifts from internal work to community‑wide engagement, aiming to embed accessibility across all teams and open‑source projects. Initiatives include an Assistive Technology Hackathon, an Accessibility Summit, and commitments to empower contributors with disabilities and improve mainstream open‑source tooling.

Get Dev in your inbox, every issue.
Subscribe free
Privacy · Terms · About · Contact
© 2026 LodeHQ