Tricentis survey reveals 68% of orgs use AI in software delivery, but 60% admit to shipping untested code, leading to massive financial and security risks.
Microsoft Brings AI Agents Directly Into the Windows Terminal
Microsoft’s Intelligent Terminal 0.1 brings native AI agent integration to the Windows Terminal. Here’s what DevOps engineers need to know.
Shai-Hulud Clone ‘Miasma’ Compromises 32 Red Hat npm Packages
The threat group behind the notorious Mini Shai-Hulud worm last month put the complete source code for the malware into a GitHub repository, essentially open sourcing the threat so that other bad actors can create their own variants. GitHub reportedly took down the repository shortly after it appeared, but the damage was already done, with […]
xAI Opens Grok Build 0.1 to Developers via API
xAI’s Grok Build 0.1 is now available in public beta via the xAI API — a fast, purpose-built coding model for agentic workflows, debugging, and MCP support.
IBM, Red Hat Launch Project Lightwell to Secure Open Source Software from Frontier Models
IBM and Red Hat are bringing together what they’ve learned from frontier AI models and 20,000 engineers to launch Project Lightwell, a $5 billion initiative aimed at helping enterprises better secure their open source software, work that has become more challenging in the age of such models as Anthropic’s Claude Mythos Preview. Mythos and similarly […]
Attackers Can Exploit a Claude Code RCE Flaw to Take Command of System
A dangerous vulnerability found in Anthropic’s popular Claude Code developer model could have allowed bad actors to grab control of a victim’s system by luring them into clicking on a crafted malicious deeplink. Once in, the attacker could exploit the remote code execution (RCE) security flaw to execute arbitrary commands – such as shell commands […]
1Password Allies With OpenAI to Secure Codex AI Coding Tool
DevSecOps teams can now manage coding agents as a tenant rather than another vault where secrets might be stored, ensuring credentials are never exposed to an AI agent or LLM as plain text. The MCP server does not read or return secret values through the MCP channel, allowing Codex to create environments and invoke applications while the values themselves never leave the 1Password vault.
GitLab Act 2: Still an Open Book
An analysis of GitLab’s “Act 2” transition under CEO Bill Staples, examining whether the company can successfully pivot to an AI-native, agentic software delivery model while dismantling the radically transparent, remote-first culture that originally defined its brand and operational success.
Widespread Mini Shai-Hulud Campaign Is a Matter of Trust
The latest series of attacks using the notorious Shai-Hulud worm puts into sharp focus the threats facing software developers and their CI/CD pipelines, an issue that has been raised in recent months as bad actors increasingly turn their attention to DevOps environments. That said, these most recent Shai-Hulud incidents attributed to the TeamPCP group also […]
xAI Enters the Coding Agent Race With Grok Build
Elon Musk’s xAI has entered the developer workspace with Grok Build, a local-first coding agent featuring an automated “Arena Mode” that runs and ranks parallel AI outputs to rival Anthropic and OpenAI