Posts

[MS] Axios npm Supply Chain Compromise – Guidance for Azure Pipelines Customers - devamazonaws.blogspot.com

On March 31, 2026 , malicious versions of the widely used JavaScript HTTP client library Axios were briefly published to the npm registry as part of a supply chain attack. The affected versions — 1.14.1 and 0.30.4 — included a hidden malicious dependency that executed during installation and connected to attacker-controlled command-and-control (C2) infrastructure to retrieve a second-stage payload. Because modern development workflows frequently rely on automated dependency resolution during CI/CD builds, environments such as developer workstations and build agents—including those used in Azure Pipelines—may have been exposed if they resolved the compromised versions during installation or update. For a detailed technical analysis of the attack and recommended mitigations, please refer to the Microsoft Security Blog: Mitigating the Axios npm Supply Chain Compromise on the Microsoft Security Blog. Impact on Azure Pipelines This incident does not represent a compromise of Azure...
Post a Comment
Read more

Amazon SageMaker HyperPod now supports automatic Slurm topology management - devamazonaws.blogspot.com

Amazon SageMaker HyperPod now automatically selects and continuously maintains the optimal network topology configuration for Slurm clusters based on the GPU instance types in the cluster. Network topology directly impacts distributed training performance — when jobs are placed on nodes that are topologically close, GPU-to-GPU communication is faster, NCCL collective operations are more efficient, and training throughput improves. HyperPod dynamically adapts the topology as the cluster evolves through scaling operations and node replacements, so job placement remains optimized throughout the cluster lifecycle without requiring manual updates to topology files or Slurm reconfiguration. HyperPod inspects the instance types across all instance groups at cluster creation, identifies the networking and interconnect characteristics of each instance type, and automatically selects the best-fit topology model. HyperPod supports tree topology for instance types with hierarchical interconnects...
Post a Comment
Read more

AWS Transform automates landing zone creation in migration workflows - devamazonaws.blogspot.com

AWS Transform now supports landing zone creation directly within migration workflows, delivering a secure, multi-account AWS environment tailored to your migration needs. By consolidating orchestration into AWS Transform, it automates the setup that previously required configuration across AWS Control Tower, AWS Organizations and AWS Identity and Access Management, accelerating migration readiness with a ready-to-deploy target environment. This new capability extends the end-to-end automation that AWS Transform provides across the migration lifecycle from discovery and migration planning to network and server migration, so that preparing the target environment is no longer a separate workstream. Whether starting from scratch or extending an existing AWS organization, AWS Transform aligns landing zone foundations with AWS best practices, recommending optimal account structures based on migration data and business requirements. Customers can customize Organizational Unit (OU) hierarchi...
Post a Comment
Read more

Amazon IVS Low-Latency Streaming now supports server-side ad insertion - devamazonaws.blogspot.com

Amazon Interactive Video Service (Amazon IVS) Low-Latency Streaming now supports server-side ad insertion (SSAI), enabling you to monetize your live streams with video ads. IVS SSAI integrates with AWS Elemental MediaTailor to stitch ads directly into the video stream on the server, delivering a seamless viewing experience while providing access to ad decisioning, audience targeting, and personalization capabilities.  IVS provides an API operation to insert ad breaks into your live stream, giving creators or operators control over when ads run. Ads are stitched into the stream on the server, reducing the impact of ad blockers and simplifying client-side integration. When a live stream is recorded to Amazon S3, IVS includes ad markers in the recording, enabling you to monetize on-demand content as well.  Amazon IVS is a managed live streaming solution designed to make low-latency or real-time video available to viewers around the world. Visit the AWS region table for a full...
Post a Comment
Read more

Amazon CloudWatch Logs Insights introduces JOIN and sub-query commands - devamazonaws.blogspot.com

Amazon CloudWatch Logs Insights introduces JOIN and sub-query commands to the Logs Insights query language to accelerate log analysis. Customers who need to analyze logs across multiple log groups or correlate data from different sources no longer need to run multiple queries and manually combine the results. With JOIN and sub-query commands, you can accelerate troubleshooting across scenarios such as correlating application and infrastructure errors across different services and log groups, analyzing security events across multiple services, or tracking user sessions across distributed systems. For example, you can use a sub-query to identify services with more than 20 errors in the last day, then use JOIN to correlate those results with performance data from a different log group to calculate average response times, helping you prioritize which high-error services also have the worst performance impact — all in a single query. JOIN and sub-query commands are available today in al...
Post a Comment
Read more

[MS] Azure SDK Release (April 2026) - devamazonaws.blogspot.com

Thank you for your interest in the new Azure SDKs! We release new features, improvements, and bug fixes every month. Subscribe to our Azure SDK Blog RSS Feed to get notified when a new release is available. You can find links to packages, code, and docs on our Azure SDK Releases page . Release highlights Cosmos DB 4.79.0 The Java Cosmos DB library includes a critical security fix for a Remote Code Execution (RCE) vulnerability (CWE-502). Java deserialization was replaced with JSON-based serialization in CosmosClientMetadataCachesSnapshot , AsyncCache , and DocumentCollection , eliminating the entire class of Java deserialization attacks. This release also adds support for N-Region synchronous commit, a Query Advisor feature, and CosmosFullTextScoreScope for controlling BM25 statistics scope in hybrid search queries. AI Foundry 2.0.0 The Azure.AI.Projects NuGet package ships its 2.0.0 stable release with significant architectural changes. Evaluations and memory operations moved to...
Post a Comment
Read more

AWS Managed Microsoft AD now supports Kerberos Encryption audit event logs - devamazonaws.blogspot.com

Starting today, AWS Managed Microsoft AD supports forwarding Kerberos Encryption audit event logs (Event IDs 201–209) to Amazon CloudWatch Logs. These logs provide visibility into the encryption types used by your applications and services, helping you identify which resources are using RC4 encryption versus AES encryption. This visibility allows you to decide whether to upgrade clients to AES encryption (recommended for improved security) or maintain RC4 support based on your environment's compatibility requirements. To get started, navigate to your AWS Managed Microsoft AD directory Network and Security tab in the AWS Directory Service console and enable log forwarding to Amazon CloudWatch Logs. You can then review the Kerberos Encryption audit events to understand your current encryption settings. To learn more, see  Enabling Amazon CloudWatch Logs log forwarding for AWS Managed Microsoft AD. This featu...
Post a Comment
Read more