Canonical releases Workshop for one-command sandboxed dev environments on Ubuntu
Canonical released Workshop, a tool that launches sandboxed development environments on Ubuntu with a single command. Environments are configured once and reproduced on …
7 hard truths security pros should know: 2026 DevOps Threats Report
In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2026” by …
Attackers accessed, downloaded code from Grafana Labs’ GitHub
A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization …
Where AI in CI/CD is working for engineering teams
Developers have folded AI into daily coding work. Still, the same tools remain largely absent from the systems that validate and ship software. New research from JetBrains …
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an …
Intel puts its data center performance knowledge on GitHub
Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration …
Google changes Play Store policies after settling Epic Games dispute
Google is making changes to the Play Store after settling its legal fight with Epic Games, focusing on three areas: more billing options, lower fees with new programs for …
Security and complexity slow the next phase of enterprise AI agent adoption
Enterprise AI agents are embedded in routine business processes, particularly inside engineering and IT operations. Many organizations report active production deployments, …
Uptime Kuma: Open-source monitoring tool
Service availability monitoring remains a daily operational requirement across IT teams, SaaS providers, and internal infrastructure groups. Many environments rely on …
Everyone uses open source, but patching still moves too slowly
Enterprise security teams rely on open source across infrastructure, development pipelines, and production applications, even when they do not track it as a separate category …
Java security work is becoming a daily operational burden
Security teams in large enterprises already spend significant time tracking vulnerabilities across software supply chains, third-party libraries, and internal codebases. Java …
Bytebase: Open-source database DevOps tool
Bytebase is a DevOps platform for managing database schema and data changes through a structured workflow. It provides a central place for teams to submit change requests, run …
Featured news
Resources
Don't miss
- Google fixes actively exploited Android vulnerability (CVE-2025-48595)
- Red Hat npm packages compromised in new Mini Shai-Hulud malware wave
- Zero trust physical security needs trust decisions at the edge
- Why you need BAS and autonomous pentesting together
- This AI model backdoor attack stays hidden until you customize the model