On Call Brief

CI/CD News

Weekly CI/CD news for operators — GitHub Actions and GitLab CI changes, Argo and Jenkins releases, runner advisories, and the pipeline outages that cost you a green build.

Read the latest brief → All On Call Brief issues

CI/CD News — On Call Brief topic banner illustration

About CI/CD News

CI/CD is the part of the platform everyone depends on and nobody budgets for until it breaks. On Call Brief tracks the pipeline stories that matter to the people maintaining them: GitHub Actions and GitLab CI changes and outages, Argo and Jenkins releases, runner security advisories, and the deployment-tooling shifts that quietly change how your team ships.

Each brief below gathers the week's CI/CD news with the operational angle front and center — what changed in the pipeline layer, and whether it's going to cost you a green build on Monday.

CI/CD in recent briefs

2026-07-05 — 2026-07-11

On Call Brief – Week of July 5–11, 2026

JadePuffer Demonstrates How AI Agents Can Automate Ransomware Attack; Microsoft, Google and Cloudflare just made 2029 the new quantum deadline; Cloudflare: 2 service incidents (Issues with…

2026-06-28 — 2026-07-04

On Call Brief – Week of June 28 – July 4, 2026

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer; Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools;…

2026-06-21 — 2026-06-27

On Call Brief – Week of June 21–27, 2026

I discovered a large-scale malware distribution on GitHub; Rokarolla Android Banking Trojan Turns Smartphones Into Weapons Against Users; MSG Breach: Knicks Take the NBA Championship, ShinyHunters…

2026-06-14 — 2026-06-20

On Call Brief – Week of June 14–20, 2026

ServiceNow Fixes Flaw That Could Lead to Unauthorized Access to Instances; ShinyHunters Secret to Success: Breaking the Trust Barrier; GitHub Removes PAT Requirement for Agentic Workflows…

2026-06-07 — 2026-06-13

On Call Brief – Week of June 7–13, 2026

Over 20,000 Instagram accounts stolen in Meta AI support hack; A postmortem of our May 7, 2026 outage; Holy git! Microsoft code-sharing site suffers downtime, despite…

2026-05-31 — 2026-06-06

On Call Brief – Week of May 31 – June 6, 2026

The 28-Hour Meltdown: What Happened When AWS US-EAST-1 Overheated; Google Cloud Suspends Railway's Production Account; AWS Organizations emits CloudTrail events for account membership changes - Only…

2026-05-24 — 2026-05-30

On Call Brief – Week of May 24–30, 2026

DevOps'ish 310: The Breaches Are Coming From Inside the Extension Store; The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under…

2026-05-17 — 2026-05-23

On Call Brief – Week of May 17–23, 2026

CISA Credentials, Sensitive Data Exposed in GitHub Repository; GitHub Breach Tied to Malicious VS Code Extension Exposes Thousands of Internal Repositories; Researcher says Microsoft secretly built…

2026-05-10 — 2026-05-16

On Call Brief – Week of May 10–16, 2026

EdTech Firm Instructure Pays Ransom as U.S. House Starts Investigation; Instructure Pays Ransom to Canvas Hackers; Cloudflare: 12 Scheduled Maintenance Windows (Network Performance Issues, Los Angeles,…

2026-05-03 — 2026-05-09

On Call Brief – Week of May 3–9, 2026

How a Cursor AI agent wiped PocketOS’s production database in under 10 seconds; When DNSSEC goes wrong: how we responded to the .de TLD outage; Argo…

2026-04-26 — 2026-05-02

On Call Brief – Week of April 26 – May 2, 2026

Microsoft Outlook for iOS still down and out for many after 'service change'; GitHub Faces Scaling Issues as AI Development Surges; China-Backed Groups Are Using Massive…

2026-04-19 — 2026-04-25

On Call Brief – Week of April 19–25, 2026

Everyone Wants Servers And Nobody Wants Servers; ingress-nginx to Envoy Gateway migration on CNCF internal services cluster; Cloudflare: 8 Scheduled Maintenance Windows (Sydney, Salt Lake City,…

2026-04-12

On Call Brief – Week of April 12–18, 2026

A guide to the breaking changes in GitLab 19.0; 76 The Cost of Assumptions ⚡; Ashby taught us we have to fight fire with fire

2026-04-05

On Call Brief – Week of April 5–11, 2026

GitHub availability report: March 2026; Another One Bites the Dust: What the CDKTF Deprecation Means for You; Dutch healthcare software vendor goes dark after ransomware attack

2026-03-29

On Call Brief – Week of March 29 – April 4, 2026

Trivy Supply Chain Attack Hits Docker Images in TeamPCP Campaign; Building SRE Error Budgets for AI/ML Workloads: A Practical Framework; LAX (Los Angeles) on 2026-03-30

2026-03-22

On Call Brief – Week of March 22–28, 2026

Another One Bites the Dust: What the CDKTF Deprecation Means for You; Windows Server 2025 SMB SID hardening is beachballing legacy clients; DevOps'ish 301: Super Micro…

2026-03-15

On Call Brief – Week of March 15–21, 2026

Major Breach — McKinsey's Lilli AI system compromised in under two hours, exposing millions of confidential client; Perplexity's Personal Computer system and Mistral's zero-exposure training address…

2026-03-08

On Call Brief – Week of March 8–14, 2026

Policy in Bedrock AgentCore is now GA; Accelerate Lambda durable functions development with new Kiro power - AWS; 👀 Claude Code now runs while you sleep

2026-03-01

On Call Brief – Week of March 1–7, 2026

[Last Week in AWS] Issue #460: Bedrock Throttling Guide: AWS Publishes Its Own Roast; What Google Cloud announced in AI this month; What’s new with Google…

2026-02-22

On Call Brief – Week of February 22–28, 2026

Perplexity Computer 💻, DeepSeek withholds v4 🐋, Cowork scheduled tasks 💼; Claude Cowork updates 💼, KiloClaw agents ⚡, intelligence yield 🧠; CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - runc…

2026-02-15

On Call Brief – Week of February 15–21, 2026

[Last Week in AWS] Issue #460: Bedrock Throttling Guide: AWS Publishes Its Own Roast; [Last Week in AWS] Issue #460: Bedrock Throttling Guide: AWS Publishes Its…

2026-02-08

On Call Brief – Week of February 8–14, 2026

Signal Outage [Ongoing]; Hetzner Outage; Privilege Escalation in Aurora PostgreSQL using AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, AWS PGSQL ODBC…

Frequently asked questions

What does CI/CD News cover?

The pipeline stories that matter to the people maintaining them — GitHub Actions and GitLab CI changes and outages, Argo and Jenkins releases, runner security advisories, and the deployment-tooling shifts that quietly change how your team ships.

Who is it for?

The engineers who own the pipeline layer and feel it first when a green build on Monday is suddenly at risk.

How are briefs selected?

Briefs are matched automatically when they cover CI/CD topics, so the hub reflects the latest weekly issues.

Does it cover runner and supply-chain security?

Yes — runner advisories and pipeline security changes are part of the coverage, with the operational angle front and center.

How do I subscribe?

Use the subscribe form on this page for one short weekly email on the CI/CD change worth knowing about.

Scroll to Top