covid19

This is not the most exciting post that I would like to do. It has been a year since the pandemic hit us hard. An entire year working from home, everything looks quite different, it’s not easy at all, it’s something that we all have to deal together, but never Continue Reading

‘PackageGate’ Vulnerabilities Can Let Attackers Bypass Shai-Hulud Defenses January 30, 2026

In the wake of the massive Shai-Hulud supply chain attack that ripped through npm late last year and compromised more than 700 packages and exposed 25,000 repositories, developers in the JavaScript world embraced a two-part defense strategy. The widely adopted playbook called for disabling lifecycle scripts and using lockfiles. “It became the standard advice everywhere […]

Opsera Report Highlights DevOps Challenges Created by AI Coding Tools January 29, 2026

An analysis published today by Opsera, a provider of a DevOps platform, finds that while adoption of artificial intelligence (AI) coding tools has increased developer productivity they also create more duplicate code, resulting in 15 to 18% more security vulnerabilities per line of code compared to code created by a human developer. Overall, the Opsera […]

AWS CodeBuild Webhook Misconfiguration Exposed Admin Access Risk January 29, 2026

AWS fixed webhook filter misconfigurations in CodeBuild that could have allowed unauthorized repository access. No customer impact or malicious code found.

Open-Source Coding Agents Just Got Accessible January 29, 2026

Ai2’s open-source SERA coding agents slash the cost of training repository-aware AI, enabling teams to customize high-performance coding agents on private codebases for as little as $400.

Why Responsible AI Isn’t Optional in DevOps – It’s the Next Frontier of Ownership January 29, 2026

As AI takes on decision-making roles inside CI/CD pipelines, DevOps teams face a new challenge: Accountability. This article explores why responsible AI governance is now a core DevOps responsibility and a leadership imperative.

Software Supply Chain Threats Are on the OWASP Top Ten—Yet Nothing Will Change Unless We Do January 28, 2026

Software supply chain security is steadily moving to the forefront of cybersecurity conversations. In the past, it has been overshadowed by a focus on malware outbreaks, ransomware, endpoint protection, and application vulnerabilities. That changed this month, when OWASP elevated software supply chain failures to third place on its 2025 Top 10 list. The OWASP Top […]

Apiiro Guardian Agent Prevents AI Models From Generating Insecure Code January 28, 2026

Apiiro launches Guardian Agent, an AI security agent that rewrites prompts in real time to prevent insecure code from ever being generated, reducing vulnerabilities without slowing developers.

???? Covid-19

???? Happy 2021