// V007 - Weekly Technology Vlog #7 (Recap, NEW SITE, NEWS!)

The Cloud with Chris v2 website takes centre stage this week — a Hugo-powered redesign featuring a unified content hub for episodes, blogs, and guest pages with Podscribe AI-generated transcripts embedded directly on episode pages for accessibility. Chris invites community feedback at v2.cloudwithchris.com before the official launch, and the site reflects his ongoing commitment to making all content accessible.

On the security front, the most actionable update covers the npm dependency confusion (package substitution) attack, where an attacker publishes a public package matching an organisation’s internal private package name to exploit upstream registry resolution and infiltrate the software supply chain — a technique that successfully targeted several large companies in security research testing. The Azure DevOps blog covers upstream behaviour changes in Azure Artifacts to address this, and GitHub’s post recommends using scoped packages and project-level .npmrc files to pin registries. Azure DevOps also introduces continuous monitoring for web performance and accessibility using the Lighthouse API and axe-core as part of CI/CD pipelines — a workflow Chris plans to adopt for the v2 site. The Azure DevOps demo generator gets a refreshed blog from Damian Brady covering pre-configured project templates including Cloud Adoption Framework migration scenarios.

Tom Keane’s Azure blog post on bringing Azure to the International Space Station via HPE edge hardware explores scientific use cases including dust storm weather modelling for Mars missions, hydroponics and plant growth analysis, and medical imaging — representing cloud at the true frontier of edge computing. A personal access token management API enters private preview for Azure DevOps, and GitHub surfaces CWE and CVSS scores on security advisories to give developers richer vulnerability context.