Good Morning! Discord just pulled off a massive upgrade to their search system, finally making it strong enough to handle trillions (yep, trillions) of messages without falling over. Meanwhile, the crypto world took a hit when the official XRP NPM package got hacked to steal private keys — so if you use it, go patch yesterday. And over at Cape Canaveral, Amazon is gearing up (weather permitting) to launch the first wave of Project Kuiper satellites to take on SpaceX’s Starlink empire.

— Forrest Knight & Meghanadh Vasireddy

How Discord Scales Search for Trillions of Messages

Context: Back in 2017, Discord's search engine was already handling billions of messages using Elasticsearch with smart sharding (by server or DM). It worked—until it didn’t. Redis queues melted under load, Elasticsearch nodes threw tantrums, and massive servers (aka "Big Freaking Guilds") hit size limits. Fun times.

In classic Discord fashion, they tore it all down and rebuilt smarter. Highlights:

• Kubernetes + ECK: They moved Elasticsearch onto Kubernetes for easier scaling, upgrades, and zoning resilience.

• “Cell” Architecture: Instead of giant clusters, they now run tons of smaller ones (better fault tolerance, faster queries).

• PubSub Queues: Goodbye Redis. Hello guaranteed message delivery, even if Elasticsearch has a bad day.

• Smart Bulk Indexing: Now messages are grouped by cluster/index before bulk upload, minimizing retry nightmares.

• Cross-DM Search: DMs are now sharded by user, letting you finally search all your DMs without crying.

• BFG Handling: Big guilds that post like maniacs get custom multi-shard indexes to avoid blowing up Lucene limits.

Results:

• Doubled indexing throughput 🚀

• Median search latency dropped from 500ms to under 100ms

• 40 clusters, thousands of indices, and rolling updates with zero downtime

Read More Here

Major XRP Supply Chain Attack — What You Need to Know

Context: If you thought open-source dependencies were safe… uh, think again. This week, Aikido’s threat feed spotted something shady: the official xrpl.js library for XRP (you know, the cryptocurrency) got compromised on NPM. Attackers sneaked a backdoor into five versions to quietly steal private keys. Yeah — private keys. Wallets = exposed. Fun!

Turns out, someone likely hacked a Ripple dev’s NPM account, pushed poisoned versions, and almost pulled off one of the biggest crypto supply chain attacks we’ve seen this year.

Here’s the damage report:

• Affected versions: 4.2.1, 4.2.2, 4.2.3, 4.2.4, 2.14.2

• Backdoor: Secretly exfiltrated keys to 0x9c[.]xyz

• Attack method: Malicious checkValidityOfSeed calls buried in wallet functions

• Patch versions: 4.2.5 and 2.14.3 — upgrade now

• CVE: CVE-2025-32965 (CVSS 9.3 — critical)

If you had any of those versions, assume your keys are compromised, rotate immediately, and move funds out of impacted wallets. Don't wait.

And a PSA: just because a package is “official” doesn’t mean you can skip checking your dependencies. 🛡️

Amazon’s Kuiper Launch – Will They Beat the Weather This Time?

Context: Amazon is finally kicking off Project Kuiper — their $10 billion answer to SpaceX’s Starlink — by launching their first 27 internet satellites into low Earth orbit. After a weather fail earlier this month, they’re back at Cape Canaveral, crossing fingers for a Monday night (April 28) liftoff aboard a ULA Atlas V rocket. Forecast? 75% chance it’s go-time, but Florida thunderstorms are always lurking.

Here’s the quick rundown on why this matters:

• First major Kuiper deployment: 27 satellites today, 3,200+ planned in total

• Rocket: Atlas V with maxed-out boosters for the heavy lift

• Backup launch window: Tuesday, with 90% better weather odds

• Orbit goals: Initial 280 miles up → then cruising at 392 miles

• Competition: Amazon aims to take on SpaceX’s 5M+ Starlink customers globally

• Long-term plan: Over 80 launches using ULA, SpaceX, and Bezos' Blue Origin

If you’re on the East Coast, you might even catch the launch lighting up the sky — assuming no giant thunderclouds crash the party.

🔥 More Notes

• Alphabet's Earnings Soar: Alphabet, Google's parent company, reported a 12% revenue increase in Q1 2025, totaling $90.2 billion. Net earnings rose by 46% to $34.54 billion, driven by growth in Search, YouTube, and AI services. ​

• Nvidia's Robotics Push: Nvidia is gearing up to launch its Jetson Thor computers for humanoid robots in 2025. These systems aim to enhance robot autonomy and human interaction through AI. Nvidia is partnering with companies like Siemens and Universal Robots, focusing on providing the technology rather than manufacturing the robots themselves.

📹 Youtube Spotlight

Was this forwarded to you? Sign Up Here