Skip to main content
← All Tags

Security

204 articles in this category (Page 7 of 9)

AI NewsSecurityCloud

Chainlit AI Framework Vulnerabilities Allow Cloud Account Takeover

Two high-severity vulnerabilities in the Chainlit AI framework could allow attackers to steal data and gain control of cloud environments, impacting over 200,000 weekly users.

Read more
AI NewsSecurityDevOps

The 3 Most Common .env Leaks (and How to Prevent Them)

Most .env leaks aren't sophisticated attacks; they're due to fast-moving teams and inadequate security workflows, resulting in potential compliance and security incidents.

Read more
AI NewsDeep LearningSecurity

A Coding Guide to Demonstrate Targeted Data Poisoning Attacks in Deep Learning

This tutorial demonstrates a data poisoning attack on CIFAR-10 using PyTorch, achieving targeted misclassification with a 40% poison ratio.

Read more
AI NewsJavaSecurity

Fix the Java-MySQL Connection Exception: Public Key Retrieval is not allowed

Learn how to resolve the 'Public Key Retrieval is not allowed' error when connecting Java applications to MySQL 8 databases, a common issue stemming from new security features.

Read more
AI NewsSecurityMalware

Black Cat SEO Poisoning Campaign Targets Software Downloads

Black Cat ransomware group is using SEO poisoning to distribute malware via fake software download sites, impacting users searching for popular tools.

Read more
AI NewsSecurityPrompt Engineering

ChatGPT's Memory Feature Supercharges Prompt Injection

Researchers demonstrate the 'ZombieAgent' exploit, revealing how ChatGPT's memory and connector features amplify the severity of indirect prompt injection attacks.

Read more
AI NewsDevOpsSecurity

Solved: Managing short-lived tokens on VMs — a small open-source config-driven solution

This article details solutions for managing short-lived access tokens on VMs, addressing application outages and security risks with cloud IAM roles or a custom agent.

Read more
AI NewsDevSecOpsSecurity

Top 10 DevSecOps Tools Dominating 2026: Secure Your Pipeline Like a Pro

This article details the top 10 DevSecOps tools for 2026, emphasizing the shift towards proactive security and AI-driven vulnerability management.

Read more
AI NewsDevOpsSecurity

geol: A CLI for Efficient Software EOL Management

geol is a Go-based CLI designed to manage and report software End-of-Life (EOL) information, streamlining DevOps pipelines.

Read more
AI NewsSecurityDocker

Deepfake & Mobile Identity Fraud - Securing AI Models with Docker

Deepfakes are increasingly used to bypass mobile identity verification, necessitating a focus on securing AI models themselves, with Docker offering a solution to prevent tampering and fraud.

Read more
AI NewsAWSSecurity

Building a Secure Bastion Host Architecture in AWS: A Complete Step-by-Step Guide

This guide details building a secure bastion host architecture in AWS, enhancing security by isolating critical resources and controlling access.

Read more
AI NewsDevOpsSecurity

Reality Is Already in Production: A New Paradigm for AI System Security

The DevRealityOps Manifesto acknowledges AI misuse isn’t hypothetical; it’s happening now, demanding operational adaptation over idealistic prohibitions.

Read more
AI NewsDevOpsSecurity

Kubernetes Secrets Management: 5 Best Practices You Need to Know

Secure Kubernetes deployments by implementing encryption at rest, external secret managers, and RBAC to mitigate the risks of exposed credentials.

Read more
AI NewsDevOpsSecurity

Solved: PSA: Rippling and Wishpond, Companies with Negative Reviews Seem to Be Attacking the Sub

This article details how IT professionals can detect and mitigate coordinated digital reputation attacks, exemplified by recent reports regarding Rippling and Wishpond.

Read more
AI NewsSecurityDevOps

YURIE: A Lightweight Web Security Scanner for Developers

YURIE is a new, passive web security scanner designed for small projects and developers seeking quick, actionable security insights without complex tooling.

Read more
AI NewsAWSSecurity

AWS NACL — Subnet-Level Security in AWS 🔐

AWS Network Access Control Lists (NACLs) provide subnet-level security, controlling inbound and outbound traffic for enhanced VPC protection.

Read more
AI NewsRustSecurity

Magika 1.0: AI-Powered File Type Detection in Rust

Google released Magika 1.0, a Rust-based file type detection system achieving 99% average precision and recall across over 200 file types.

Read more
AI NewsSecurityData Privacy

Five AI Security Myths Debunked at InfoQ Dev Summit Munich

Katharine Jarmul debunked five common AI security myths at InfoQ Dev Summit Munich 2025, highlighting the over-reliance on technical solutions.

Read more
AI NewsSecurityAI

Securing AI Assistants: A Comprehensive Look at Threats and Controls

Andra Lezza details the criticality of data security for AI copilots, outlining the OWASP AI Exchange threat model and reviewing key risks and controls to protect sensitive data.

Read more
AI Newscompliancesecurity

Rebuilding Azure DevOps CI/CD for Compliance

A failed compliance audit exposed gaps in Azure DevOps CI/CD, prompting a shift to policy-as-code and security gates for auditable governance.

Read more
AI Newssecuritydevops

Strix: The Open-Source AI Penetration Testing Agent

Strix, an open-source AI penetration testing agent, automates real-world exploit validation to eliminate false positives.

Read more
AI NewsDevOpsSecurity

MyCoCo Reduces AI-Generated IaC Security Findings by 94% with OPA Guardrails

Only 9% of AI-generated IaC meets security compliance. MyCoCo slashed security findings by 94% using OPA policies while retaining 70% of speed gains.

Read more
AI Newspythonsecurity

How to Secure Your Python Project (A Practical Guide)

Automated clipboard copy of Python security guide using xclip in Ubuntu terminal.

Read more
AI NewsSecurityDevOps

The Secret Behind SAST: The Security Blind Spot Developers Can’t Ignore (Part 1)

SAST detects OWASP Top 10 vulnerabilities early, reducing remediation costs by up to 70%.

Read more