Atlassian has addressed a hardcoded credential flaw in Questions for Confluence and servlet filter bypasses in multiple other products. The Australian vendor of software development and collaboration tools...
The Python Package Index (PyPI) is rolling out two-factor authentication (2FA) for “critical projects” in the form of physical security keys. Mindful of the growing threat to software supply...
Jira, Atlassian’s popular issue tracking and project management software, was vulnerable to a server-side request forgery (SSRF) flaw that researchers were able to abuse without obtaining credentials. “There...
The maintainers of Argo CD, the continuous delivery tool for Kubernetes, have patched a critical vulnerability that enabled attackers to forge JSON Web Tokens (JWTs) and...
As breaches continue to rise, cybersecurity and development professionals are feeling the pressure to maintain their organizations’ security postures. Invicti Security released a report unveiling how developers and...
A critical vulnerability in Flux2, the continuous delivery (CD) tool for Kubernetes, can enable rogue tenants in multi-tenancy deployments to sabotage ‘neighbors’ using the same off-premise infrastructure....
Enterprise IT personnel believe cybersecurity skills are their teams’ most important technical capabilities, according to a new report from the DevOps Institute. Ninety-two percent of respondents...
Wabbi published new research with IDG that finds companies utilizing continuous security have decreased vulnerabilities by 50%. The study focused on the integration of development and security, as...
Styra released a research report which explores how in sync, or misaligned, IT leaders and developers are when it comes to cloud-native technology use and security during their...