BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Register Sign in

Unlock the full InfoQ experience

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources.

Log In

or

Don't have an InfoQ account?

Stay updated on topics and peers that matter to youReceive instant alerts on the latest insights and trends.
Quickly access free resources for continuous learningMinibooks, videos with transcripts, and training materials.
Save articles and read at anytimeBookmark articles to read whenever youre ready.

Logo - Back to homepage

News Articles Presentations Podcasts Guides

Topics

Development

Featured in Development

How to Use Apache Spark to Craft a Multi-Year Data Regression Testing and Simulations Framework

Vivek Yadav, an engineering manager from Stripe, shares his experience in building a testing system based on multi-year worth of data. He shares insights into why Apache Spark was the choice for creating such a system and how it fits in the "traditional" engineering practices.

All in development

Architecture & Design

Featured in Architecture & Design

Scaling Cloud and Distributed Applications: Lessons and Strategies

The article shares goals and strategies for scaling cloud and distributed applications, focusing on lessons learned from cloud migration at Chase.com at JP Morgan Chase. The discussion centers on three primary goals and the strategies addressing the goals, concluding how these approaches were achieved in practice. For those managing large-scale systems, these lessons provide valuable guidance!

All in architecture-design

AI Infrastructure

Featured in AI, ML & Data Engineering

GenAI Security: Defending Against Deepfakes and Automated Social Engineering

In this episode, QCon AI New York 2025 Chair Wes Reisz speaks with Reken CEO and Google Trust & Safety founder Shuman Ghosemajumder about the erosion of digital trust. They explore how deepfakes and automated social engineering are scaling cybercrime and argues defenders must move beyond default trust, utilizing behavioral telemetry and game theory to counter attacks that simulate human behavior.

All in ai-ml-data-eng

Culture & Methods

Featured in Culture & Methods

Transforming Life Sciences: AI, Vibe Coding, and Drug Development Acceleration

In this podcast, Shane Hastie, Lead Editor for Culture & Methods, spoke to Satish Kothapalli about the transformative impact of AI and vibe coding in life sciences software development, the acceleration of drug development timelines, and the evolving roles of developers in an AI-augmented environment.

All in culture-methods

DevOps

Featured in DevOps

Hybrid Cloud-Native Networking in Enterprise - Some Assembly Required

Louis Ryan shares a compelling vision for modern cloud native hybrid networking. He critiques primitive network abstractions (the "Big IP" problem) and rigid security policies that rot and cause SPOFs. Discover how architects can elevate network functionality, bake in identity (mTLS/PKI), and leverage composability to achieve repeatable policy enforcement everywhere their applications run.

All in devops

Events

Helpful links

Choose your language

QCon AI New York 2025

Go from AI demos to real engineering impact. Learn to embed LLMs, govern & scale securely.

SOLD OUT!

QCon London 2026

Learn what works in AI, architecture, data, security & FinTech.

Early Bird ends Dec 9.

Learn how leading engineering teams run AI in production—reliably, securely, and at scale.

Launch pricing ends Dec 9.

InfoQ Homepage Common Vulnerabilities and Exposures Content on InfoQ

News

RSS Feed

Development

Redis Critical Remote Code Execution Vulnerability Discovered after 13 Years

Redis recently released a security advisory regarding CVE-2025-49844. This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute remote code on older versions of Redis and Valkey with Lua scripting enabled. Developers are urged to upgrade to patched releases as soon as possible.

Renato Losio
on Nov 08, 2025
DevOps

RADIUS Protocol Vulnerability Exposes Network Device Authentication

A team of security researchers has discovered a significant vulnerability in the widely used RADIUS (Remote Authentication Dial-In User Service) protocol. This vulnerability could potentially allow attackers to gain unauthorised access to network devices. Cloudflare staff detailed the findings, highlighting the ongoing challenges of maintaining security in long-standing network protocols.

Matt Saunders
on Jul 24, 2024
Development

GUAC Joins OpenSSF as Incubating Project

The Graph for Understanding Artifact Composition (GUAC) has joined the Open Source Security Foundation (OpenSSF) as an incubating project. GUAC provides a tool and underlying API to analyse and visualise software bill of materials (SBOM) along with threat intelligence feeds to determine whether vulnerabilities impact an application.

Chris Swan
on Mar 07, 2024

BT