Open source devs finally get a taste of full strength SLSA
The Open Source Security Foundation (OpenSSF) has delivered a full digit version of one of its key software […]
SUSE secures Rancher as K8s attack surface expands
SUSE has jacked up security in its Kubernetes management platform Rancher, as the container management platform finds its […]
Tainted PHP code? JetBrains Qodana has a new detection feature
JetBrains has released a taint analysis feature for PHP in preview, via its early access programme. A “taint”, […]
Securing the developer: LastPass breach highlights risks of DevOps itself
Updated: LastPass has published more details about how its systems were compromised via an attack on a home […]
GitHub Blocks: preview opening for all users soon but remains “experimental”
The GitHub Blocks experiment will soon be open to all users, according to senior director of research Idan […]
Kotlin debuts “experimental” Kotlin/Wasm target in new beta – a new approach to frontend development?
JetBrains has released Kotlin 1.9.20 beta, including an experimental feature called Kotlin/Wasm that targets WebAssembly. The new release […]
Deno makes the case for server side rendering
Deno, maker of a JavaScript/TypeScript runtime for use outside the browser as an alternative to Node.js, has published […]
GitHub revokes stolen code-signing certs, invalidates some versions of Atom and GitHub Desktop for Mac
GitHub reports that a “set of encrypted code-signing certificates” were exfiltrated from private repositories used in the planning […]
The biggest blocker to DevSecOps? Security teams and devs not getting on: Report
A new DevSecOps survey of enterprises says that only 28 percent of CISOs are confident that production applications […]
CircleCI security incident report: customer secrets stolen, unauthorised access to GitHub repos and third-party systems
DevOps player CircleCI has published details of the security incident that forced it to warn cloud customers to […]