IBM and Red Hat are bringing together what they’ve learned from frontier AI models and 20,000 engineers to launch Project Lightwell, a $5 billion initiative aimed at helping enterprises better secure their open source software, work that has become more challenging in the age of such models as Anthropic’s Claude Mythos Preview. Mythos and similarly […]
JFrog Report Surfaces Need for Rapid DevSecOps Change in AI Era
A report published by JFrog finds that cybercriminals are now increasingly targeting the artificial intelligence (AI) tools and platforms used by application development teams. Based on an analysis of 18.2 billion artifacts managed via the JFrog Platform, security researchers discovered 969 AI agent skills carrying high-impact payloads in addition to 495 malicious AI models on […]
Sol Duara Readies Open Source Workflow Orchestration Platform for CD Foundation
Sol Duara, a provider of open source platforms for managing the software development lifecycle (SDLC), has announced its intent to contribute an open source orchestration platform for automating software development workflows to the Continuous Delivery (CD) Foundation. At the core of the Conduit platform from Sol Duara is CDrus Expressions, a framework that turns CDEvents […]
Perplexity Bumblebee Shakes Loose Hidden Threats on Dev Desktops
The fight to maintain security has moved to the engineer’s messy desktop. Last week, AI search provider Perplexity open-sourced an internal tool, Bumblebee, for checking developer machines, either Linux or macOS, for vulnerable software. Continuous integration pipelines have baked security checks into them, with Software Bills of Materials (SBOMs) ensuring that the correct version of […]
OWASP Adopts CVE Lite CLI to Boost Dependency Scanning
Checking for dependency vulnerabilities in freshly developed software is usually done near the end of the build process. Remediation at that point can be tricky. Now, JavaScript and TypeScript developers can check for vulnerabilities themselves as they – or their agents – write their source code, using an open source project called CVE Lite CLI. […]
Ten Great DevOps Job Opportunities
staging-devopsy.kinsta.cloud is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these challenging economic times is to make it just that much easier for DevOps professionals to advance their careers. Of course, the pool of […]
Attackers Can Exploit a Claude Code RCE Flaw to Take Command of System
A dangerous vulnerability found in Anthropic’s popular Claude Code developer model could have allowed bad actors to grab control of a victim’s system by luring them into clicking on a crafted malicious deeplink. Once in, the attacker could exploit the remote code execution (RCE) security flaw to execute arbitrary commands – such as shell commands […]
OpenTelemetry Achieves CNCF Graduated Project Status
The Cloud Native Computing Foundation (CNCF) today announced that the open source OpenTelemetry (OTel) project has officially graduated a little more than seven years after its initial adoption. Announced at the Observability North America Summit, OpenTelemetry was first donated to the CNCF in 2019 following the merger of separate OpenTracing and OpenCensus projects that sought […]
Microsoft Open-Sources RAMPART and Clarity to Bring Agent Safety Into the Dev Workflow
Microsoft open-sources RAMPART and Clarity to help dev teams embed AI agent safety testing directly into CI pipelines and design workflows.
CloudBees Survey Surfaces Increase in Production Issues Attributable to AI
A survey of 213 IT leaders, conducted by CloudBees, finds that while 93% report they are seeing productivity gains that are driven by increased adoption of artificial intelligence (AI) tools, a full 81% also report they have seen an increase in production issues attributable to AI-generated code. Shared this week at an Agentic DevOps World […]
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- 6
- …
- 331
- Next Page »