Skip to main content
← All Tags

Security

204 articles in this category (Page 8 of 9)

AI NewsSecurityDevOps

Onyx Intelligence: Zero-Server Vulnerability Dashboard Aggregates 25+ Sources

Onyx Intelligence, a zero-server vulnerability dashboard, aggregates 25+ sources and auto-updates every 6 hours via GitHub Actions.

Read more
AI NewsDevOpsSecurity

Post-Mortem: Automated Backups Fail, SII Breathing Down Your Neck

45KB backup file caused 6 months of SII-compliant data loss in Chilean SMEs.

Read more
AI NewsDevOpsSecurity

Enriching Vault OIDC Tokens with SPIFFE Identity Metadata using Terraform

HashiCorp Vault OIDC tokens now include SPIFFE identity metadata for microservices, enabling precise access control.

Read more
AI NewsSecurityDevOps

🛡️ Laravel Secure Baseline: The Guardian Your Pipeline Deserves

Laravel Secure Baseline blocks CI deployments with critical security misconfigurations, preventing production vulnerabilities.

Read more
AI NewsSecurityDevOps

Let’s Encrypt’s 45-Day Certificates: A Deadline for DevOps Automation

Let’s Encrypt’s 2028 deadline for 45-day TLS certificates forces DevOps teams to upgrade automation or risk outages.

Read more
AI NewsSecurityAI Architecture

GenAI Security: Defending Against Deepfakes and Automated Social Engineering

GenAI amplifies cybercrime with deepfakes and social engineering, eroding digital trust at scale.

Read more
AI NewsDevOpsSecurity

A Natural Language Interface for Datadog Log Search

80% accuracy in Datadog query generation with RAG, addressing syntax gotchas that cause silent failures.

Read more
AI NewsGoDevOps

gopin - Automate Version Pinning for Go Install Commands

gopin automates version pinning for Go install commands, resolving CI instability from unpinned dependencies.

Read more
AI NewsJavaSecurity

Resolving java.io.IOException: Invalid Keystore Format Error in Java

Fix 'Invalid Keystore Format' errors by verifying file types, using correct KeyStore types, and avoiding build tool corruption.

Read more
AI Newssecurityappsec

The $3 Billion Session Fixation Attack

Django's 2019 session vulnerability (CVE-2019-11358) exposed $3B in potential losses from flawed token expiration logic.

Read more
AI NewsCI/CDSecurity

CI/CD Security Architecture: End-to-End Guide for SAST, SCA, DAST, and Automated Triage

Automated security in CI/CD reduces manual triage by 70% with Faraday integration.

Read more
AI NewsSecurityDevOps

Secure SSH Shell Applications - Planning Guide

Secure SSH apps with restricted shell configs, preventing unauthorized access and escape paths.

Read more
AI Newssecuritycybersecurity

Google's Antigravity Hacked in 24 Hours: Why AI Agents Need a New Security Architecture

Google's AI coding tool Antigravity was compromised in under 24 hours via a config file exploit, exposing systemic security flaws in AI agents.

Read more
AI NewsAWSSecurity

Amazon SNS Data Protection Policies Block, Mask, or Log Sensitive Data with 99% Sample Rate

Amazon SNS Data Protection Policies block, mask, or log sensitive data with 99% sample rate for compliance.

Read more
AI NewsSecurityLLM Testing

4 Critical Vulnerabilities in Llama 3.2 Exposed by AI Safety Testing

A new AI safety testing framework reveals 4 critical vulnerabilities in Meta's Llama 3.2 1B model, including prompt injection and jailbreak risks.

Read more
AI NewsFintechSecurity

The Hidden Payment Token Revolution

Payment networks like Visa and Mastercard now process over 50% of transactions via tokenization, reshaping digital payments.

Read more
AI NewsSecurityDatabase Management

Database Privilege Mismanagement: The Hidden Risk of Over-privileged Users

The Kozen IAM Utility reveals privilege mismatches, preventing accidental data breaches in MongoDB deployments.

Read more
AI NewsSecurityDevOps

Workload And Agentic Identity at Scale: Insights From CyberArk's Workload Identity Day Zero

CyberArk's Workload Identity Day Zero highlights the urgent need for secure, scalable identity management as 85% of orgs rely on vulnerable long-lived API keys for non-human identities.

Read more
AI NewsSecuritySoftware Engineering

Building Composable RLS: Enterprise Data Security on Autopilot

Composable Row-Level Security (RLS) implemented in a .NET Data Access Layer (DAL) guarantees data access control, eliminating common vulnerabilities.

Read more
AI NewsSecurityJava

Deep Dive into Fastjson Deserialization Vulnerabilities: From Principles to Practical Defense

This article details Fastjson deserialization vulnerabilities, particularly CVE-2022-25845, which can lead to Remote Code Execution (RCE).

Read more
AI NewsDevOpsSecurity

End-to-End DevSecOps Project (Movies Finder)

Automated DevSecOps pipeline cuts deployment time by 50% using GitOps and security-first tools.

Read more
AI NewsKubernetesSecurity

Amazon EKS Adds Native Support for AWS Secrets Store CSI Driver Provider

Amazon EKS now natively supports secure secret mounting from AWS Secrets Manager and SSM Parameter Store across all regions.

Read more
AI NewsSecurityDevOps

Introducing SSH Secure Audit: A Lightweight Open-Source SSH Security Scanner for Linux

SSH Secure Audit is a new open-source tool that quickly identifies risky SSH configurations on Linux systems.

Read more
AI NewsSecurityJava Development

Java 21 Introduces Standardized Key Encapsulation Mechanism (KEM) API

Java 21's JEP 452 introduces a standardized KEM API for secure symmetric key exchange using public-key cryptography.

Read more