Skip to main content
← All Tags

Security

225 articles in this category (Page 3 of 10)

AI NewsSecurityAI Engineering

Why AI Agents Need Runtime Governance for Enterprise Security

Model alignment fails to secure AI agents; true enterprise safety requires a runtime policy layer to govern dynamic tool calls and data retrieval.

Read more
AI NewsNetworkingSecurity

Secure P2P Data Streaming for Multi-Agent AI Swarms via Pilot Protocol

Stream structured server anomalies from GCP to LangChain orchestrators using Pilot Protocol's virtual port 1000, bypassing firewalls without public ports.

Read more
AI NewsDevOpsSecurity

Hardening Linux Operations: Bash Security Patterns for Script Organization

Implement strict Bash defaults and native Linux tool integration to reduce operational risk and improve security visibility on production systems.

Read more
AI NewsLinuxSecurity

10 Essential Steps to Secure Your Linux Server

Master the critical 10-step framework for Linux server hardening to protect infrastructure and accelerate your DevOps career through community-validated best practices.

Read more
AI NewsSecurityJavaScript

Auditing NPM Supply Chain Risk: Why High-Download Packages Face Critical Exposure

A zero-install audit of 25 top npm packages reveals that major tools like esbuild and Chalk rely on single maintainers despite 100M+ weekly downloads.

Read more
AI NewsSecurityWeb Development

The Structural Risk of Invisible npm Infrastructure: Single-Maintainer Packages in Production

An analysis of 113 top npm packages identifies 26 critical risks where sole maintainers manage infrastructure serving over 10 billion weekly downloads.

Read more
AI NewsOpen SourceSecurity

OpenAI Releases Open-Source Privacy Filter: A 1.5B-Parameter MoE Model for PII Redaction

OpenAI releases Privacy Filter, an open-source 1.5B-parameter PII redaction model using Sparse MoE to achieve 50M active parameters for high-throughput edge deployment.

Read more
AI NewsSecurityDevSecOps

Building a Real-Time Anomaly Detection Engine for Cloud Storage Security

Learn how a Python daemon uses Z-score statistical analysis to detect and block malicious traffic in real-time using Linux iptables.

Read more
AI NewsSecuritySoftware Engineering

Building a Rust-Based Auth Server: Achieving OAuth2 Compliance in Under 20MB of RAM

Developer Luis created OVTL, a Rust-based auth server that reduces idle memory consumption from Keycloak's 512MB to under 20MB.

Read more
AI NewsSecuritySoftware Architecture

Beyond Bespoke Auth: Implementing a Universal Trust Layer for Scalable SaaS

Samuel Recio reveals how building custom authentication systems wastes up to three months of development runway before business logic is even addressed.

Read more
AI NewsDevOpsSecurity

Securing the Container Lifecycle: Essential Production Best Practices

Secure containerized environments by addressing shared kernel vulnerabilities and supply chain risks using tools like Trivy and Falco.

Read more
AI NewsSecurityEngineering

Implementing Persistent JWT Signing Keys with PostgreSQL and Envelope Encryption

Secure your OIDC server by replacing in-memory JWKS with an encrypted PostgreSQL store using AES-256-GCM envelope encryption for persistent token verification.

Read more
AI NewsSecuritySoftware Engineering

Identifying Supply Chain Risks in the Anthropic SDK Dependency Tree

An audit of the Anthropic SDK reveals transitive dependencies with single maintainers and 15 million weekly downloads, exposing critical supply chain risks.

Read more
AI NewsDevOpsSecurity

Governing Claude Code: Mitigating Risks of Autonomous Enterprise Production Deployments

Claude Code can autonomously merge PRs and deploy to production, requiring strict governance to prevent unintended system modifications and security leaks.

Read more
AI NewsSecurityOpen Source

CodeGuard: AI-Powered Open Source Security Scanner for DevSecOps

CodeGuard is an open-source AI security scanner targeting the 95% of breaches caused by known vulnerabilities, offering free CVE mapping and automated PR scanning.

Read more
AI NewsSecurityPython Development

Building a Secure Local Password Manager with Python and Typer

PMCLI is a local Python-based CLI tool that secures credentials using Fernet symmetric encryption and PBKDF2, storing data in a local JSON vault.

Read more
AI NewsSecuritySoftware Engineering

AI-Generated Object Merges: Preventing CWE-1321 Prototype Pollution in Cursor and Claude Code

Cursor and Claude Code default to for...in object merges, creating CWE-1321 prototype pollution risks based on pre-2019 training data.

Read more
AI NewsDevOpsSecurity

Audit Your Trust Surface: Lessons from the Bitwarden CLI Supply Chain Attack

Checkmarx identified malicious npm packages targeting the Bitwarden CLI ecosystem, highlighting the risk of unverified global CLI tools in production workflows.

Read more
AI NewsNetworkingSecurity

Understanding DPI Evasion and Why HTTPS Traffic Gets Blocked

Learn how Deep Packet Inspection (DPI) uses plaintext SNI metadata to block encrypted HTTPS traffic and how to implement evasion techniques like domain fronting.

Read more
AI NewsSecurityDevelopment

Strategic Use of Multiple Gmail Accounts for Marketing and Workflow Management

Buying PVA Gmail accounts enhances deliverability and security for marketers by leveraging aged accounts with established trust metrics to bypass automated filters.

Read more
AI NewsSecurityDevOps

Mitigating Subdomain Takeover: How to Audit and Secure Dangling DNS Records

Subdomain takeovers exploit dangling DNS records on platforms like Heroku and S3, allowing attackers to bypass CSP and steal cookies via legitimate domains.

Read more
AI NewsAI InfrastructureSecurity

OpenAI Launches GPT-5.4-Cyber: Specialized AI for Verified Security Defenders

OpenAI scales its Trusted Access for Cyber program, introducing GPT-5.4-Cyber to enable binary reverse engineering for thousands of verified defenders.

Read more
AI NewsDevOpsSecurity

Beyond Epistemic Negligence: Lessons from the Vercel 2026 Supply Chain Breach

The April 2026 Vercel incident exposed the critical risks of outsourced threat models and build-time secret exposure in modern CI/CD pipelines.

Read more
AI NewsDevOpsSecurity

Beyond the Vercel 2026 Breach: Reclaiming the Threat Model from Managed Infrastructure

Vercel confirmed a supply chain security incident in April 2026, exposing the dangers of delegating threat models to abstract deployment platforms.

Read more