Weekly news | 2025-11-26
news
- DuckDB v1.4 ships database encryption capabilities
- Android and iPhone users can now share files, starting with the Pixel 10 family
- HP and Dell disable HEVC support built into their laptops’ CPUs
- Canonical expands total coverage for Ubuntu LTS releases to 15 years with Legacy add-on
- Pebble Watch Software Is Now 100% Open Source
- Shai-Hulud Returns: Over 1K NPM Packages and 27K+ Github Repos infected via Fake Bun Runtime Within Hours
- AI:
- AWS:
- Amazon Athena cost and performance controls for Capacity Reservations
- Amazon Inspector organization-wide management through AWS Organizations policies
- Amazon Linux Supplementary Packages
- Amazon MQ LDAP authentication for RabbitMQ
- Amazon MQ now supports RabbitMQ version 4.2
- API Gateway REST APIs
-response streaming
-private integration with Application Load Balancer - Application and Network Load Balancers Post-Quantum Key Exchange for TLS
- Application Load Balancer
-launches Target Optimizer
-now supports Health Check Logs - AppStream 2.0 now supports Internet Protocol Version 6 (IPv6)
- Athena auto-scaling solution for Capacity Reservations
- Athena for Apache Spark is now available in Amazon SageMaker notebooks
- Aurora DSQL
-database clusters now support up to 256 TiB of storage volume
-integrated query editor in the AWS Management Console
-launches new Python, Node.js, and JDBC Connectors that simplify IAM authorization
-statement-level cost estimates in query plans - AWS CLI and SDK console authentication
- Backup
-Amazon FSx Intelligent-Tiering
-backing up directly to a logically air-gapped vault
-low-cost warm storage tier for Amazon S3 backups - Bedrock AgentCore Runtime Marketplace adds A2A server support
- Bedrock Custom Model Import OpenAI GPT OSS models
- Bedrock Data Automation now supports synchronous image processing
- Bedrock Guardrails
-adds support for coding use cases
-Automated Reasoning checks now include natural language test Q&A generation - Bedrock Priority and Flex inference service tiers
- Billing
-E-Invoice delivery for AWS customers using SAP Ariba and Coupa procurement portals
-Get Invoice PDF API
-India customers can now use UPI to sign-up and automate monthly payments - Billing Transfer multi-organization billing and cost management
- Braket introduces spending limits feature for quantum processing units
- Braket new quantum processor from Alpine Quantum Technologies (AQT)
- Builder Center Workshops
- Channel Partners can now resell using Billing Transfer
- CloudFormation
-drift-aware change sets
-early validation and simplified troubleshooting
-intelligent authoring in IDEs - CloudFormation StackSets now supports deployment ordering
- CloudFront
-Regional Edge Cache (REC) metadata, raw query string retrieval, and advanced origin overrides
-CBOR Web Tokens and Common Access Tokens
-flat-rate pricing plans for website delivery and security
-now supports TLS 1.3 for origin connections - CloudTrail
-data event aggregation to simplify security monitoring
-Insights for data events to automatically detect anomalies in data access - Cloud WAN adds Routing Policy for advanced traffic control and flexible network deployments
- CloudWatch application map now supports un-instrumented services discovery
- CloudWatch Application Signals adds GitHub Action and MCP server improvements
- CloudWatch Container Insights
-Neuron UltraServers on Amazon EKS
-Sub-Minute GPU Metrics for Amazon EKS - CloudWatch Database Insights cross-account cross-region monitoring
- CloudWatch
-In-Console Agent Management on EC2
-real user monitoring (RUM) adds support for iOS and Android applications
-scheduled queries in Logs Insights - Compute Optimizer automation rules
- Connect
-conversational analytics for voice and chat bots
-enhanced Instance-to-Instance communication
-monitoring of contacts queued for callback
-multi skill agent scheduling
-outbound campaigns supports ring time configuration for unanswered calls
-persistent agent connections for faster call handling - Control Tower
-+7 new compliance frameworks and 279 additional AWS Config rules
-introduces a controls-dedicated experience - Cost Anomaly Detection
-accelerates anomaly identification
-expands AWS managed monitoring - Cost Explorer 18-month forecasting and explainable AI-powered forecasts
- Cost Optimization Hub Cost Efficiency metric to measure and track cloud cost efficiency
- Data Exports FOCUS 1.2 is now generally available
- Device Farm Fully Managed Appium Endpoint
- Directory Service AWS PrivateLink for private VPC connectivity
- DMS Schema Conversion adds SAP (Sybase) ASE to PostgreSQL support with generative AI
- DynamoDB multi-attribute composite keys in global secondary indexes
- EBS Volumes Recycle Bin
- EC2 AMI ancestry for complete AMI lineage visibility
- EC2 Auto Scaling
-introduces instance lifecycle policy
-root volume replacement through instance refresh
-synchronous API to launch instances inside an Auto Scaling group - EC2 Fleet new encryption attribute for instance type selection
- EC2 Image Builder
-auto-versioning and enhances Infrastructure as Code experience
-flexible AMI distribution capabilities
-Lambda and Step functions - EC2
-Mac instances now support Apple macOS Tahoe
-Microsoft SQL Server 2025
-P6-B300 instances with NVIDIA Blackwell Ultra GPUs
-reduces costs for Microsoft SQL Server High-Availability deployments - ECR
-archive storage class for rarely accessed container images
-dual-stack endpoints now support AWS PrivateLink
-managed container image signing
-PrivateLink for FIPS Endpoints - ECS and EKS
-enhanced AI-powered troubleshooting in the Console
-fully managed MCP servers in preview - ECS Express Mode
- ECS Managed Instances adds configurable scale-in delay
- EKS
-enhanced container network observability
-introduces Provisioned Control Plane - Elemental MediaConnect Router
- EMR 7.12 now supports the Apache Iceberg v3 table format
- EMR Serverless now supports Apache Spark 4.0.1 (preview)
- FSx for Lustre improves directory listing performance by up to 5x
- FSx for Windows File Server File Server Resource Manager
- Glue
-additional SAP entities as zero-ETL integration sources
-DynamoDB connector with Spark DataFrame support
-supports CloudFormation and CDK for zero-ETL integrations - GuardDuty Malware Protection for AWS Backup is now available
- HealthImaging adds native JPEG 2000 Lossless support
- IAM
-enables identity federation to external services using JSON Web Tokens (JWTs)
-launches aws:SourceVpcArn condition key for region-based access control
-temporary delegation - IoT Core variable setting and error handling capabilities
- Kinesis Data Streams now supports up to 50 enhanced fan-out consumers
- Lambda
-adds support for Python 3.14
-Kafka event source mapping integration in Amazon MSK Console
-new tenant isolation mode to simplify building tenant-aware applications
-optimize costs up to 90% for Provisioned mode for Kafka ESM - Lex extends wait & continue feature in 10 new languages
- License Manager license asset groups for centralized software asset management
- Lightsail Nginx blueprint
- Location Service Address Form Solution Builder
- Marketplace estimated tax and invoicing entity information
- MSK Console viewing Kafka topics with new public APIs
- MWAA Serverless Deployment Option for Apache Airflow Workflows
- NAT Gateway now supports regional availability
- Network Firewall
-Active threat defense now enabled by default
-flexible cost allocation via Transit Gateway
-Managed Rules from AWS Partners available in AWS Marketplace - Network Load Balancer Weighted Target Groups
- OpenSearch Serverless
-adds AWS PrivateLink for management console
-backup and restore through the AWS Management Console
-now adds audit logs for data plane APIs - OpenSearch Service Cluster Insights for improved operational visibility
- Oracle Database@AWS KMS integration with Oracle Transparent Data Encryption
- Organizations
-direct account transfers between organizations
-upgrade rollout policy for Amazon Aurora and Amazon RDS - Parallel Computing Service
-is now HIPAA eligible
-now supports Slurm REST API - Payments Cryptography post-quantum cryptography to secure data in transit
- Polly additional languages and region support
- PrivateLink cross-region connectivity for AWS Services
- Q Developer enhanced cost management capabilities
- Quick Sight dashboard customization now includes tables and pivot tables
- Quick Sight expands Dashboard Theme Customization
- RDS for Oracle October 2025 Release Update and Spatial Patch Bundle
- RDS for SQL Server now supports Resource Governor
- RDS supports Multi-AZ for SQL Server Web Edition
- Redshift
-Just-In-Time (JIT) ANALYZE for Apache Iceberg tables
-SUPER data type in Databases with Case-Insensitive Collation
-writing to Apache Iceberg tables - Route 53 AWS PrivateLink support
- Route 53 DNS Firewall protection against Dictionary-based DGA attacks
- Route 53 DNS support for IPv6 API service endpoint
- Route 53 Profiles Resolver query logging configurations
- S3
-attribute-based access control
-new bucket-level setting to standardize encryption types used in your buckets
-post-quantum TLS key exchange on S3 endpoints - SageMaker Catalog
-column-level metadata forms and rich descriptions
-enforces metadata rules for glossary terms for asset publishing - SageMaker Data Agent analytics and AI/ML development
- SageMaker HyperPod running IDEs and Notebooks to accelerate AI development
- SageMaker
-notebooks with a built-in AI agent
-one-click onboarding of existing datasets - SageMaker Unified Studio
-adds EMR on EKS support with SSO capabilities
-long-running sessions with corporate identities - Savings Plans and Reserved Instances Group Sharing |
GA - Secrets Manager announces managed external secrets
- Security Incident Response agentic AI-powered investigation
- Security Incident Response now offers metered pricing with free tier
- Security Token Service Now Supports Internet Protocol version 6 (IPv6)
- Site-to-Site VPN
-announces VPN Concentrator
-BGP logging for VPN tunnels
-simplify remote connectivity - Step Functions enhances Local Testing with TestState API
- Tag Policies Validate and enforce required tags in CloudFormation, Terraform and Pulumi
- Transfer Family
-Terraform module to automate scanning of transferred files
-Terraform module to integrate with a custom identity provider
-web apps now support VPC endpoints - Transform Automates Landing Zone Acceleration Network Configuration
- Transit Gateway Flexible Cost Allocation
- VPC Encryption Controls and further raises the bar on data encryption
- VPC IPAM
-automates IP assignments from Infoblox IPAM
-policies to enforce IP allocation strategy - WAF announces Web Bot Auth support
- Well-Architected Lenses AI and ML workloads
- WorkSpaces Applications new instance types and configurable storage options
- For a full list of AWS announcements, be sure to keep an eye on AWS’s What’s New Feed page.
tooling
- Ebook: WebAssembly from the Ground up
- protondrive-linux: Mount Proton Drive on Linux using rclone and systemd
- gitlogue: A cinematic Git commit replay tool for the terminal, turning your Git history into a living, animated story
- flowglad: Open source payments + billing infrastructure
- gemini-cli-tips: Gemini CLI Tips & Tricks
- safe-npm: only install packages that are +90 days old
- EC2 Instance Family Performance Ranking
- Terraform Ingest: A terraform multi-repo module AI RAG ingestion engine and MCP server