AI Coding Agent Wipes Mac Home Directory, Harness Adds Codecov
In December 2025, Claude Code executed ‘rm -rf ~ /’, wiping a Reddit user’s entire Mac home folder. The incident illustrates how AI coding agents can perform unchecked destructive commands when given direct shell access. Docker’s sandbox solution is presented as a way to contain such failures in CI/CD pipelines.
Harness has bought Codecov and integrated its code‑coverage data into its AI‑powered delivery platform. The move lets teams see real‑time test coverage in CI/CD pipelines, enabling automated quality gates that prevent untested code from reaching production.
The guide shows how to install KEDA in a Kubernetes cluster and configure a Cron‑based ScaledObject that brings deployments to zero outside office hours. This reduces idle compute costs for dev, QA and staging environments by up to two‑thirds without manual intervention.
The blog details how to use Crossplane to declaratively provision Azure PostgreSQL Flexible Server on Kubernetes, delivering an active‑passive multi‑region architecture with private networking, DNS‑based failover via Azure Traffic Manager, and built‑in observability and security. This lets platform teams offer DBaaS with automated HA/DR, self‑service, and governance.
The post outlines how to apply SLIs, SLOs, and alerts to air‑gapped, high‑security systems where developers lack runtime access. It shows practical ways to shift observability to on‑prem operators via dashboards, runbooks, and status pages, enabling reliable self‑service diagnostics despite strict isolation.
The article defines agentic observability as AI‑driven agents that automatically ingest, reason about, and act on telemetry, moving beyond merely attaching chatbots to monitoring dashboards. It highlights emerging tools like Dynatrace’s Davis and New Relic’s AI, and warns that data quality, model drift, and governance are critical hurdles to achieve truly self‑healing systems.
The blog shows how to build a tiny logging pipeline for small Kubernetes clusters using Fluent Bit to ship logs to S3 as Parquet files and DuckDB to query them. The setup consumes under 100 MiB of memory and runs comfortably on a 3‑node, 4 GB RAM cluster, offering a lightweight alternative to Loki.
Cloudflare reduced the boot time of its core units from up to four hours to about three minutes by fixing a faulty firmware network interface, parallelizing service start‑up, and optimizing dependencies and disk I/O. The change sped up scaling, cut operational overhead, and improved reliability across 2,000 servers.
The OpenTofu 1.12.0 release adds dynamic prevent_destroy, enhanced provider checksum handling, and a new -json-into option, making configuration changes and state updates smoother. These improvements cut friction during upgrades and enable safer, more automated IaC workflows for cloud and platform teams.
Researchers discovered that attackers overwrote tags in the official checkmarx/kics Docker Hub repository and injected malicious code into recent VS Code extensions, adding binaries that exfiltrate cloud, GitHub and developer credentials. The compromised images can leak scanned IaC secrets, posing a broad supply‑chain risk for teams using KICS.
Subscribe free