Latest Engineering Articles

This post examines the identity and access management gaps that emerge as organizations scale agentic AI deployments and outlines best practices to address them.

Databricks

261 min read

AI•2026-03-20

coSTAR: How We Ship AI Agents at Databricks Fast, Without Breaking Things

This post introduces coSTAR, Databricks' methodology for reliably testing and iterating on AI agents using MLflow.

Mosaic Research

Hugging Face

11 min read

Machine Learning•2026-03-20

Build a Domain-Specific Embedding Model in Under a Day

This post presents a pipeline to fine-tune a domain-specific embedding model in under a day on a single GPU without manual labeling.

Databricks

211 min read

Security•2026-03-20

Agentic AI Security: New Risks and Controls in the Databricks AI Security Framework (DASF v3.0)

Databricks releases DASF v3.0, extending its AI Security Framework with 35 new risks and 6 controls specifically targeting agentic AI systems.

Multi-Cloud Challenges, Intelligent Load Balancing, and AI-Powered Workflows: Databricks at SRECon 2026

Databricks previews three infrastructure talks at SRECon 2026, covering Kubernetes load balancing, AI-assisted database debugging, and their open-source auto-sharding system Dicer.

Announcing Ingress2Gateway 1.0: Your Path to Gateway API

This post announces the 1.0 release of Ingress2Gateway, a migration assistant that helps teams move from Kubernetes Ingress to Gateway API ahead of the Ingress-NGINX retirement in March 2026.

Kubernetes

65 min read

DevOps•2026-03-20

Running Agents on Kubernetes with Agent Sandbox

This post introduces the Agent Sandbox project, a new Kubernetes-native abstraction designed to run stateful, long-running AI agents as first-class workloads.

The Hacker News

71 min read

Security•2026-03-20

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy, an open-source vulnerability scanner by Aqua Security, suffered a second supply chain attack where 75 GitHub Actions version tags were hijacked to deliver CI/CD secret-stealing malware.

Databricks

81 min read

AI•2026-03-20

From Legacy to Lakehouse: How Mazda Accelerated GenAI for Technical Service Operations

Mazda built a GenAI-powered service assistant on Databricks Lakehouse to help hotline agents diagnose vehicle issues faster and more accurately.

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

A critical unauthenticated remote code execution vulnerability (CVE-2026-33017, CVSS 9.3) in Langflow was actively exploited within 20 hours of public disclosure.

Hugging Face

01 min read

AI•2026-03-20

What's New in Mellea 0.4.0 + Granite Libraries Release

IBM Research releases Mellea 0.4.0 and three Granite Libraries for building structured, verifiable, and safety-aware AI workflows on IBM Granite models.