
February 12, 2026 15 mins

This week on Ship It Weekly, Brian hits four stories where the guardrails become the incident.

GitHub had “Too Many Requests” errors caused by legacy abuse protections that outlived their moment. Takeaway: controls need owners, visibility, and a retirement plan.

Kubernetes has a nasty edge case where nodes/proxy GET can turn into command execution via WebSocket behavior. If you’ve ever handed out “telemetry” RBAC broadly, go audit it.

HashiCorp shared how HCP Vault handled a real AWS regional disruption: control plane wobbled, Dedicated data planes kept serving. Control plane vs data plane separation paying off.

AWS expanded its PCI DSS compliance package with more services and the Asia Pacific (Taipei) region. Scope changes don’t break prod today, but they turn into evidence churn later if you don’t standardize proof.

Human story: “reasonable assurance” turning into busywork.

Links

GitHub: When protections outlive their purpose (legacy defenses + lifecycle)

https://github.blog/engineering/infrastructure/when-protections-outlive-their-purpose-a-lesson-on-managing-defense-systems-at-scale/

Kubernetes nodes/proxy GET → RCE (analysis)

https://grahamhelton.com/blog/nodes-proxy-rce

OpenFaaS guidance / mitigation notes

https://www.openfaas.com/blog/kubernetes-node-proxy-rce/

HCP Vault resilience during real AWS regional outages

https://www.hashicorp.com/blog/how-resilient-is-hcp-vault-during-real-aws-regional-outages

AWS: Fall 2025 PCI DSS compliance package update

https://aws.amazon.com/blogs/security/fall-2025-pci-dss-compliance-package-available-now/

GitHub Actions: self-hosted runner minimum version enforcement extended

https://github.blog/changelog/2026-02-05-github-actions-self-hosted-runner-minimum-version-enforcement-extended/

Headlamp in 2025: Project Highlights (SIG UI)

https://kubernetes.io/blog/2026/01/22/headlamp-in-2025-project-highlights/

AWS Network Firewall Active Threat Defense (MadPot)

https://aws.amazon.com/blogs/security/real-time-malware-defense-leveraging-aws-network-firewall-active-threat-defense/

Reasonable assurance turning into busywork (r/sre)

https://www.reddit.com/r/sre/comments/1qvwbgf/at_what_point_does_reasonable_assurance_turn_into/

More episodes + details: https://shipitweekly.fm
