cuppa

brewed 07:49 AM
← May 06

Thursday

may07

2026

May 08 →

the brief

AWS leaned hard into agentic workflows: a managed MCP Server hit GA and a new Agent Toolkit shipped alongside memory upgrades in Bedrock, while Blackwell-class P6 instances arrived in us‑east‑1. Next.js pushed urgent security fixes. On the research side, fresh work probed program reconstruction and diffusion flow maps, and Google previewed a reCAPTCHA successor for broader fraud defense.

the poursit · sip · 11 items

alerts

(01)
  • vercel/next.js· feedMay 6, 06:54 PM

    Next.js ships multiple security fixes

    High‑severity advisories across App Router, Middleware, SSRF, and cache components are patched in 16.2.5 and 15.5.16—update promptly to avoid DoS and proxy bypass risks.

    v16.2.5 — This release contains security fixes for the following advisories: High: GHSA-8h8q-6873-q5fj: Denial of Service with Server Components GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection GHSA-c4j6-fc7j-m34r: Server-side request forgery in appli...

    signal 9hype 0security_fixrelease_notesnextjssource ↗

pulse

(06)
  • aws/whatsnew· feedMay 6, 12:00 PM

    AWS MCP Server reaches GA

    Managed MCP server gives AI coding agents secure, auditable access to AWS services, tightening control and visibility for orgs adopting agent workflows in production.

    The AWS MCP Server is now generally available — Today, AWS announces the general availability of the AWS MCP Server, a managed server that gives AI coding agents secure, auditable access to AWS services through the Model Context Protocol (MCP). The AWS MCP Server is a core component of the Agent Toolkit for AWS, which helps coding agents build on AWS more effectively. With the AWS MCP Server, organizations can let coding agents interact with AWS while maintaining visibility and control throug...

    signal 9hype 1awsmcpmodel_context_protocolsource ↗
  • aws/whatsnew· feedMay 6, 12:00 PM

    AWS launches Agent Toolkit

    Successor to AWS Labs MCP plugins, the toolkit packages tools and guidance to reduce agent errors, token costs, and enforce enterprise-grade security when coding against AWS.

    Announcing Agent Toolkit for AWS — help AI coding agents build effectively on AWS — Today, AWS is launching the Agent Toolkit for AWS, a production-ready suite of tools and guidance that helps AI coding agents build on AWS with fewer errors, lower token costs, and enterprise-grade security controls. The Agent Toolkit for AWS is the successor to the MCP servers, plugins, and skills available on AWS Labs. Developers using coding agents to build on AWS often find that their agents struggle with ...

  • aws/whatsnew· feedMay 6, 07:24 PM

    EC2 P6-B300 hits us-east-1

    Blackwell Ultra GPUs with 2.1 TB HBM and 6.4 Tbps EFA now land in N. Virginia, expanding next‑gen training and inference capacity in a key region.

    Amazon EC2 P6-B300 instances are now available in the US East (N. Virginia) Region — Starting today, Amazon Elastic Cloud Compute (Amazon EC2) P6-B300 instances are available in the US East (N. Virginia) Region. P6-B300 instances provide 8xNVIDIA Blackwell Ultra GPUs with 2.1 TB high bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps dedicated ENA throughput, and 4 TB of system memory. P6-B300 instances deliver 2x networking bandwidth, 1.5x GPU memory size, and 1.5x GPU TFLOPS (at FP4, w...

  • aws/whatsnew· feedMay 6, 05:00 PM

    Bedrock agents get memory metadata

    AgentCore Memory now supports structured keys and operators for tagging and filtering long‑term memories, improving retrieval beyond pure semantic search in production agents.

    Amazon Bedrock AgentCore Memory announces metadata for long-term memory — Amazon Bedrock AgentCore Memory now supports metadata on long-term memory (LTM) records, enabling agents to tag, filter, and retrieve memories using structured attributes alongside semantic search. You can define up to ten indexed keys per memory resource - with support for STRING, NUMBER, and STRING_LIST types - and use different operator types to filter retrieval results. Metadata can be attached to events at ingestio...

    signal 7hype 1aws_bedrockagent_memorymetadata_indexingsource ↗
  • hn/frontpage· feedMay 6, 05:59 PM

    Google unveils Cloud fraud defense

    Google positions a successor to reCAPTCHA with broader bot and abuse protection for modern apps, signaling a shift in anti‑fraud tooling beyond traditional challenges.

    Google Cloud fraud defense, the next evolution of reCAPTCHA — Article URL: https://cloud.google.com/blog/products/identity-security/introducing-google-cloud-fraud-defense-the-next-evolution-of-recaptcha/ Comments URL: https://news.ycombinator.com/item?id=48039362 Points: 283 # Comments: 269

    signal 6hype 1google_cloudproduct_launchrecaptchasource ↗
  • aws/whatsnew· feedMay 6, 06:00 PM

    AWS Marketplace adds Agreements API

    Programmatic procurement comes to Marketplace, letting teams accept offers, manage POs, and track entitlements end‑to‑end within internal workflows and tooling.

    AWS Marketplace now supports programmatic procurement with Agreements API — Today, AWS Marketplace announces the Agreements API, enabling you to procure AWS Marketplace products and manage agreements programmatically. With this launch, you can generate estimates, accept offers, track charges and entitlements, update purchase orders and manage agreements all within your existing tools and workflows. Combined with the Discovery API, the Agreements API provides an end-to-end procurement journey ...

findings

(03)
  • huggingface/blog· feedMay 6, 07:06 PM

    vLLM v1 prioritizes RL correctness

    Hugging Face and ServiceNow detail a “correctness before corrections” RL approach underpinning vLLM’s v1 upgrade, highlighting reproducibility and reliability over raw reward chasing.

    vLLM V0 to V1: Correctness Before Corrections in RL

  • hn/frontpage· feedMay 7, 03:46 AM

    ProgramBench tests program reconstruction

    New benchmark evaluates whether LLMs can rebuild real programs from scratch, probing tooling use, modularity, and long‑horizon reasoning under reproducible conditions.

    ProgramBench: Can Language Models Rebuild Programs from Scratch? — Article URL: https://arxiv.org/abs/2605.03546 Comments URL: https://news.ycombinator.com/item?id=48045174 Points: 22 # Comments: 18

  • hn/frontpage· feedMay 6, 06:46 PM

    Flow maps for diffusion integrals

    Sander Dieleman explores learning flow maps that integrate diffusion models, offering a principled path to faster sampling and new perspectives on generative dynamics.

    Learning the Integral of a Diffusion Model — Article URL: https://sander.ai/2026/05/06/flow-maps.html Comments URL: https://news.ycombinator.com/item?id=48040002 Points: 130 # Comments: 21

    signal 7hype 1diffusion_modelsflow_matchinggenerative_modelssource ↗

voices

(01)
  • hn/frontpage· feedMay 6, 05:19 PM

    Lessons from Val Town auth migration

    Candid post details moving from Supabase to Clerk and then building “Better Auth,” with concrete tradeoffs on DX, reliability, and vendor lock‑in.

    From Supabase to Clerk to Better Auth — Article URL: https://blog.val.town/better-auth Comments URL: https://news.ycombinator.com/item?id=48038827 Points: 243 # Comments: 167