Pstgre Archives

Tech Optimizer

April 11, 2025

Announcing pgvector 0.8.0 support in Aurora PostgreSQL

Amazon Aurora PostgreSQL-Compatible Edition has integrated support for pgvector 0.8.0, an open-source extension for storing vector embeddings in databases, enhancing its capabilities for generative AI applications, particularly in semantic search and retrieval-augmented generation. The new version improves the PostgreSQL query planner's index selection, elevating query performance and search result quality. It refines data filtering through WHERE clauses and joins, and features iterative index scans to prevent overfiltering, ensuring sufficient query results. Additionally, pgvector 0.8.0 enhances performance for searching and constructing HNSW indexes. This version is available in Amazon Aurora clusters on PostgreSQL versions 16.8, 15.12, 14.17, and 13.20 or higher, across all AWS Regions except China. Users can upgrade by modifying their DB cluster settings.

Tech Optimizer

April 10, 2025

Amazon Bedrock Knowledge Bases now supports hybrid search for Aurora PostgreSQL and MongoDB Atlas vector stores

Amazon Bedrock Knowledge Bases has expanded to support hybrid search for knowledge bases created with Amazon Aurora PostgreSQL and MongoDB Atlas vector stores. This enhancement allows for a dual-query approach that combines semantic and full-text search methodologies, improving the relevance of search results. Users can access hybrid search through the Knowledge Base APIs or the Bedrock console, where they can select hybrid search as their preferred method. Hybrid search functionality with Aurora PostgreSQL is available in all AWS Regions except Europe (Zurich) and GovCloud (US) Regions, while for MongoDB Atlas, it is available in the US West (Oregon) and US East (N. Virginia) AWS Regions.

Tech Optimizer

April 10, 2025

How Heroku migrated hundreds of thousands of self-managed PostgreSQL databases to Amazon Aurora

Heroku has migrated its multi-tenant PostgreSQL database fleet from a self-managed environment on Amazon EC2 to the Amazon Aurora PostgreSQL-Compatible Edition, improving operational efficiency and customer satisfaction without impacting customers. This transition involved moving over 200,000 databases, utilizing a dual control plane approach and specialized transfer systems for efficient data migration. The new architecture allows Heroku to leverage AWS Cloud services more effectively, alleviating the operational burdens on engineering teams and enabling a focus on customer value. The migration also positions Heroku to introduce advanced features such as AI-enabled database administration and enhanced security measures.

Tech Optimizer

April 10, 2025

PostgreSQL vs. MySQL in 2025: Choosing the Best Database for Your Backend

In 2025, PostgreSQL has a usage rate of 45.55%, while MySQL has a usage rate of 41.09%. PostgreSQL is preferred for applications requiring complex queries and robust data management, while MySQL is favored for speed and efficiency in read-heavy environments. PostgreSQL was named DBMS of the Year 2023 for the fourth time since 2017, with its latest version released in September 2023 featuring performance and replication enhancements. Developer surveys show PostgreSQL adoption has increased from 33% in 2018 to nearly 50%. MySQL is recognized for its rapid performance and ease of implementation, particularly in e-commerce and content management systems. Performance tests indicate PostgreSQL is approximately 1.6 times faster than MySQL in complex query scenarios. PostgreSQL offers built-in row-level security and encryption, while MySQL provides a user-friendly interface and solid security measures. PostgreSQL excels in managing large datasets and complex operations, whereas MySQL uses a distributed systems approach for workload management.

Tech Optimizer

April 9, 2025

Springtail announces $2.5M pre-seed funding to scale Postgres

Developers facing Postgres scalability limitations can either migrate to a different database or create a custom backend, both of which can be time-consuming. Springtail is a solution that enhances Postgres performance by offloading and scaling read execution while keeping the existing Postgres instance as the primary data store. It allows for horizontal scaling of read-heavy workloads without extensive application changes or data migrations. Springtail's architecture distributes queries across multiple nodes to improve query throughput. The initial offering includes scalable, on-demand read replicas for Postgres on AWS, which share a storage layer and can independently scale compute resources, allowing users to activate or deactivate replicas as needed. This approach can lead to savings of up to 58% on Postgres read replication compared to Amazon RDS. Springtail was founded in 2023 and is based in the San Francisco Bay Area, supported by Gradient.

Tech Optimizer

April 8, 2025

PostgreSQL Merges Initial Support For NUMA Awareness

The PostgreSQL open-source database server is integrating IO_uring support for asynchronous I/O operations and AVX-512 acceleration for CRC32 computations, potentially improving performance by up to three times. It has also introduced initial support for Non-Uniform Memory Access (NUMA) awareness, aimed at enhancing performance on multi-node and multi-socket servers. This feature is available in the PostgreSQL Git repository ahead of the PostgreSQL 18.0 release scheduled for September and can be enabled with the "--with-libnuma" configuration option, currently limited to Linux systems. Enhancements include pg_shmem_allocations_numa for shared memory allocation insights and pg_buffercache_numa for buffer information across NUMA nodes.

Tech Optimizer

April 8, 2025

Pools across the sea: how Hyperdrive speeds up access to databases and why we’re making it free

Cloudflare has made Hyperdrive available on the free plan of Cloudflare Workers, allowing developers to create high-performance global applications that connect to SQL databases. Hyperdrive simplifies database connectivity by using existing drivers and connection strings, reducing the need for extensive refactoring. It has been adopted by Cloudflare's engineering teams for various functions, demonstrating its effectiveness in addressing common challenges in application development. Hyperdrive significantly improves performance, with a benchmark showing latency reduction from 1200 ms to 500 ms when using Hyperdrive instead of a direct connection, and further to 320 ms with caching enabled. It employs transaction-mode connection pooling to efficiently manage database connections, minimizing overhead and ensuring optimal performance for serverless applications. Hyperdrive's architecture includes a split connection approach that reduces latency by conducting necessary round trips over shorter distances. It also features a regional pool strategy for selecting data centers based on the inferred location of the Worker, optimizing connection latency. The system includes a dual-layer caching strategy to enhance query performance and reduce load on the origin database. Developers can easily start using Hyperdrive by executing a simple command or using a dashboard to set up a sample Worker application with their existing Postgres database.

Tech Optimizer

April 3, 2025

1,500+ PostgreSQL Servers Compromised With Fileless Malware Attack

A cryptojacking campaign has targeted over 1,500 organizations by exploiting inadequately secured PostgreSQL database servers. The attackers, identified as JINX-0126, use advanced techniques including credential brute-forcing and fileless execution to deploy Monero (XMR)-mining malware. Approximately 30% of cloud-hosted PostgreSQL servers are affected due to weak or default credentials. The attackers execute commands using PostgreSQL’s COPY FROM PROGRAM function, bypassing standard detection mechanisms. They have been linked to three cryptocurrency wallets with around 550 active mining workers, generating a hashrate of 4.04 GH/s and approximately €10.40 per hour in XMR revenue. The attack begins with credential spraying against default accounts, followed by an SQL injection to fetch the payload. The malware operates in memory, modifies PostgreSQL’s configuration to maintain persistence, and creates cron jobs for reactivation. The campaign reveals significant security gaps in cloud environments, with recommendations for improved access controls and monitoring.

Tech Optimizer

April 2, 2025

Amazon RDS Proxy announces TLS 1.3 support for PostgreSQL on Aurora and RDS

Amazon RDS Proxy now supports TLS 1.3 for connections to Amazon Aurora PostgreSQL and RDS for PostgreSQL database instances, enhancing security with stronger cryptographic algorithms and a streamlined handshake process. The Proxy automatically negotiates the highest security level during connection setup and can be configured to enforce TLS 1.3 exclusively. TLS 1.3 support is also available for RDS Proxy for MySQL engines. RDS Proxy is a fully managed database proxy that improves performance, reliability, scalability, and security for RDS and Amazon Aurora databases.

Tech Optimizer

April 2, 2025

Over 1,500 PostgreSQL Servers Hit by Fileless Malware Attack

A malware campaign has compromised over 1,500 PostgreSQL servers using fileless techniques to deploy cryptomining payloads. The attack, linked to the threat actor group JINX-0126, exploits publicly exposed PostgreSQL instances with weak or default credentials. The attackers utilize advanced evasion tactics, including unique hashes for binaries and fileless execution of the miner payload, making detection difficult. They exploit PostgreSQL’s COPY ... FROM PROGRAM function to execute malicious payloads and perform system discovery commands. The malware includes a binary named “postmaster,” which mimics legitimate processes, and a secondary binary named “cpu_hu” for cryptomining operations. Nearly 90% of cloud environments host PostgreSQL databases, with about one-third being publicly exposed, providing easy entry points for attackers. Each wallet associated with the campaign had around 550 active mining workers, indicating the extensive scale of the attack. Organizations are advised to implement strong security configurations to protect their PostgreSQL instances.