Security

211 articles in this category (Page 7 of 9)

AI NewsDevOpsSecurity

How I Eliminated Access Keys from My Deployment Pipeline with OIDC, Terraform, and GitHub Actions

Eliminate AWS access keys in CI/CD pipelines using OIDC, Terraform, and GitHub Actions, reducing security risks and achieving a cost of approximately $0.92 per month.

Jan 23, 2026

AI NewsDevOpsSecurity

The Right Way to Deploy Private GitHub Repos to Your VPS

Securely deploy code from private GitHub repositories to a VPS using repository-specific SSH deploy keys, enhancing security and limiting server access.

Jan 23, 2026

AI NewsMachine LearningSecurity

How Machine Learning and Semantic Embeddings Reorder CVE Vulnerabilities Beyond Raw CVSS Scores

Learn how machine learning and semantic embeddings improve CVE vulnerability prioritization, achieving a 75th percentile score in ML-driven risk assessment.

Jan 23, 2026

AI NewsSecurityDevOps

CVE-Alert: Free Real-Time Vulnerability Tracking by Dataforge

CVE-Alert is a free web-based platform that provides real-time vulnerability tracking and email alerts for specified vendors and products.

Jan 21, 2026

AI NewsSecurityAPI

Is That Allowed? Authentication and Authorization in Model Context Protocol

Model Context Protocol (MCP) released in late 2024 offers standardized AI agent communication, but securing access requires careful authentication—currently handled at the transport layer.

Jan 21, 2026

AI NewsSecurityBlockchain

Time-Decoupled Law (TDSM)

Time-Decoupled Law (TDSM) introduces a protocol-level primitive to enforce execution delays, mitigating timing-based correlation attacks on blockchain privacy.

Jan 21, 2026

AI NewsSecurityCloud

Chainlit AI Framework Vulnerabilities Allow Cloud Account Takeover

Two high-severity vulnerabilities in the Chainlit AI framework could allow attackers to steal data and gain control of cloud environments, impacting over 200,000 weekly users.

Jan 20, 2026

AI NewsSecurityDevOps

The 3 Most Common .env Leaks (and How to Prevent Them)

Most .env leaks aren't sophisticated attacks; they're due to fast-moving teams and inadequate security workflows, resulting in potential compliance and security incidents.

Jan 12, 2026

AI NewsDeep LearningSecurity

A Coding Guide to Demonstrate Targeted Data Poisoning Attacks in Deep Learning

This tutorial demonstrates a data poisoning attack on CIFAR-10 using PyTorch, achieving targeted misclassification with a 40% poison ratio.

Jan 11, 2026

AI NewsJavaSecurity

Fix the Java-MySQL Connection Exception: Public Key Retrieval is not allowed

Learn how to resolve the 'Public Key Retrieval is not allowed' error when connecting Java applications to MySQL 8 databases, a common issue stemming from new security features.

Jan 10, 2026

AI NewsSecurityMalware

Black Cat SEO Poisoning Campaign Targets Software Downloads

Black Cat ransomware group is using SEO poisoning to distribute malware via fake software download sites, impacting users searching for popular tools.

Jan 9, 2026

AI NewsSecurityPrompt Engineering

ChatGPT's Memory Feature Supercharges Prompt Injection

Researchers demonstrate the 'ZombieAgent' exploit, revealing how ChatGPT's memory and connector features amplify the severity of indirect prompt injection attacks.

Jan 8, 2026

AI NewsDevOpsSecurity

Solved: Managing short-lived tokens on VMs — a small open-source config-driven solution

This article details solutions for managing short-lived access tokens on VMs, addressing application outages and security risks with cloud IAM roles or a custom agent.

Jan 5, 2026

AI NewsDevSecOpsSecurity

Top 10 DevSecOps Tools Dominating 2026: Secure Your Pipeline Like a Pro

This article details the top 10 DevSecOps tools for 2026, emphasizing the shift towards proactive security and AI-driven vulnerability management.

Jan 4, 2026

AI NewsDevOpsSecurity

geol: A CLI for Efficient Software EOL Management

geol is a Go-based CLI designed to manage and report software End-of-Life (EOL) information, streamlining DevOps pipelines.

Jan 2, 2026

AI NewsSecurityDocker

Deepfake & Mobile Identity Fraud - Securing AI Models with Docker

Deepfakes are increasingly used to bypass mobile identity verification, necessitating a focus on securing AI models themselves, with Docker offering a solution to prevent tampering and fraud.

Dec 31, 2025

AI NewsAWSSecurity

Building a Secure Bastion Host Architecture in AWS: A Complete Step-by-Step Guide

This guide details building a secure bastion host architecture in AWS, enhancing security by isolating critical resources and controlling access.

Dec 28, 2025

AI NewsDevOpsSecurity

Reality Is Already in Production: A New Paradigm for AI System Security

The DevRealityOps Manifesto acknowledges AI misuse isn’t hypothetical; it’s happening now, demanding operational adaptation over idealistic prohibitions.

Dec 28, 2025

AI NewsDevOpsSecurity

Kubernetes Secrets Management: 5 Best Practices You Need to Know

Secure Kubernetes deployments by implementing encryption at rest, external secret managers, and RBAC to mitigate the risks of exposed credentials.

Dec 28, 2025

AI NewsDevOpsSecurity

Solved: PSA: Rippling and Wishpond, Companies with Negative Reviews Seem to Be Attacking the Sub

This article details how IT professionals can detect and mitigate coordinated digital reputation attacks, exemplified by recent reports regarding Rippling and Wishpond.

Dec 26, 2025

AI NewsSecurityDevOps

YURIE: A Lightweight Web Security Scanner for Developers

YURIE is a new, passive web security scanner designed for small projects and developers seeking quick, actionable security insights without complex tooling.

Dec 16, 2025

AI NewsAWSSecurity

AWS NACL — Subnet-Level Security in AWS 🔐

AWS Network Access Control Lists (NACLs) provide subnet-level security, controlling inbound and outbound traffic for enhanced VPC protection.

Dec 12, 2025

AI NewsRustSecurity

Magika 1.0: AI-Powered File Type Detection in Rust

Google released Magika 1.0, a Rust-based file type detection system achieving 99% average precision and recall across over 200 file types.

Dec 12, 2025

AI NewsSecurityData Privacy

Five AI Security Myths Debunked at InfoQ Dev Summit Munich

Katharine Jarmul debunked five common AI security myths at InfoQ Dev Summit Munich 2025, highlighting the over-reliance on technical solutions.

Dec 11, 2025