Security

211 articles in this category (Page 8 of 9)

AI NewsSecurityAI

Securing AI Assistants: A Comprehensive Look at Threats and Controls

Andra Lezza details the criticality of data security for AI copilots, outlining the OWASP AI Exchange threat model and reviewing key risks and controls to protect sensitive data.

Dec 10, 2025

AI Newscompliancesecurity

Rebuilding Azure DevOps CI/CD for Compliance

A failed compliance audit exposed gaps in Azure DevOps CI/CD, prompting a shift to policy-as-code and security gates for auditable governance.

Dec 7, 2025

AI Newssecuritydevops

Strix: The Open-Source AI Penetration Testing Agent

Strix, an open-source AI penetration testing agent, automates real-world exploit validation to eliminate false positives.

Dec 7, 2025

AI NewsDevOpsSecurity

MyCoCo Reduces AI-Generated IaC Security Findings by 94% with OPA Guardrails

Only 9% of AI-generated IaC meets security compliance. MyCoCo slashed security findings by 94% using OPA policies while retaining 70% of speed gains.

Dec 6, 2025

AI Newspythonsecurity

How to Secure Your Python Project (A Practical Guide)

Automated clipboard copy of Python security guide using xclip in Ubuntu terminal.

Dec 6, 2025

AI NewsSecurityDevOps

The Secret Behind SAST: The Security Blind Spot Developers Can’t Ignore (Part 1)

SAST detects OWASP Top 10 vulnerabilities early, reducing remediation costs by up to 70%.

Dec 6, 2025

AI NewsSecurityDevOps

Onyx Intelligence: Zero-Server Vulnerability Dashboard Aggregates 25+ Sources

Onyx Intelligence, a zero-server vulnerability dashboard, aggregates 25+ sources and auto-updates every 6 hours via GitHub Actions.

Dec 6, 2025

AI NewsDevOpsSecurity

Post-Mortem: Automated Backups Fail, SII Breathing Down Your Neck

45KB backup file caused 6 months of SII-compliant data loss in Chilean SMEs.

Dec 5, 2025

AI NewsDevOpsSecurity

Enriching Vault OIDC Tokens with SPIFFE Identity Metadata using Terraform

HashiCorp Vault OIDC tokens now include SPIFFE identity metadata for microservices, enabling precise access control.

Dec 3, 2025

AI NewsSecurityDevOps

🛡️ Laravel Secure Baseline: The Guardian Your Pipeline Deserves

Laravel Secure Baseline blocks CI deployments with critical security misconfigurations, preventing production vulnerabilities.

Dec 3, 2025

AI NewsSecurityDevOps

Let’s Encrypt’s 45-Day Certificates: A Deadline for DevOps Automation

Let’s Encrypt’s 2028 deadline for 45-day TLS certificates forces DevOps teams to upgrade automation or risk outages.

Dec 3, 2025

AI NewsSecurityAI Architecture

GenAI Security: Defending Against Deepfakes and Automated Social Engineering

GenAI amplifies cybercrime with deepfakes and social engineering, eroding digital trust at scale.

Dec 3, 2025

AI NewsDevOpsSecurity

A Natural Language Interface for Datadog Log Search

80% accuracy in Datadog query generation with RAG, addressing syntax gotchas that cause silent failures.

Dec 2, 2025

AI NewsGoDevOps

gopin - Automate Version Pinning for Go Install Commands

gopin automates version pinning for Go install commands, resolving CI instability from unpinned dependencies.

Dec 1, 2025

AI NewsJavaSecurity

Resolving java.io.IOException: Invalid Keystore Format Error in Java

Fix 'Invalid Keystore Format' errors by verifying file types, using correct KeyStore types, and avoiding build tool corruption.

Dec 1, 2025

AI Newssecurityappsec

The $3 Billion Session Fixation Attack

Django's 2019 session vulnerability (CVE-2019-11358) exposed $3B in potential losses from flawed token expiration logic.

Dec 1, 2025

AI NewsCI/CDSecurity

CI/CD Security Architecture: End-to-End Guide for SAST, SCA, DAST, and Automated Triage

Automated security in CI/CD reduces manual triage by 70% with Faraday integration.

Nov 30, 2025

AI NewsSecurityDevOps

Secure SSH Shell Applications - Planning Guide

Secure SSH apps with restricted shell configs, preventing unauthorized access and escape paths.

Nov 30, 2025

AI Newssecuritycybersecurity

Google's Antigravity Hacked in 24 Hours: Why AI Agents Need a New Security Architecture

Google's AI coding tool Antigravity was compromised in under 24 hours via a config file exploit, exposing systemic security flaws in AI agents.

Nov 29, 2025

AI NewsAWSSecurity

Amazon SNS Data Protection Policies Block, Mask, or Log Sensitive Data with 99% Sample Rate

Amazon SNS Data Protection Policies block, mask, or log sensitive data with 99% sample rate for compliance.

Nov 29, 2025

AI NewsSecurityLLM Testing

4 Critical Vulnerabilities in Llama 3.2 Exposed by AI Safety Testing

A new AI safety testing framework reveals 4 critical vulnerabilities in Meta's Llama 3.2 1B model, including prompt injection and jailbreak risks.

Nov 29, 2025

AI NewsFintechSecurity

The Hidden Payment Token Revolution

Payment networks like Visa and Mastercard now process over 50% of transactions via tokenization, reshaping digital payments.

Nov 29, 2025

AI NewsSecurityDatabase Management

Database Privilege Mismanagement: The Hidden Risk of Over-privileged Users

The Kozen IAM Utility reveals privilege mismatches, preventing accidental data breaches in MongoDB deployments.

Nov 29, 2025

AI NewsSecurityDevOps

Workload And Agentic Identity at Scale: Insights From CyberArk's Workload Identity Day Zero

CyberArk's Workload Identity Day Zero highlights the urgent need for secure, scalable identity management as 85% of orgs rely on vulnerable long-lived API keys for non-human identities.

Nov 28, 2025