Security

204 articles in this category (Page 4 of 9)

AI NewsSecurityDevOps

Surviving Repeated Cryptomining Attacks: A 10-Day Security Hardening Case Study

Solo developer Lyra TinyStrack suffered five cryptomining infections in 10 days due to local machine compromises and malicious npm dependencies.

Apr 10, 2026

AI NewsHomelabSecurity

Secure TrueNAS Plex Setup for Your Homelab

Secure your homelab by deploying Plex on TrueNAS with 500G ZFS quotas and VLAN isolation to prevent unauthorized access and data loss.

Apr 10, 2026

AI NewsSecurityDevOps

Automate Supply Chain Risk Audits with GitHub PR Comments

The Commit supply chain audit GitHub Action now flags critical risks directly in PR comments, identifying high-impact sole-maintainer dependencies.

Apr 10, 2026

AI NewsSecurityWeb Development

Securing Supabase: Preventing Data Leaks From Misconfigured Row Level Security

Learn how misconfigured Supabase RLS policies and public anon keys can expose entire databases to unauthenticated attackers.

Apr 7, 2026

AI NewsSecurityEngineering

The Complete DevSecOps Engineer Career Guide 2026

DevSecOps engineering is projected to see a 36% market growth by 2032, with senior-level salaries reaching $250K+ as security shifts left into automated pipelines.

Apr 6, 2026

AI NewsSecurityDevOps

Free SSL Certificate Checker: Real-Time TLS Validation and SAN Analysis

Manja's SSL Checker tool uses raw TLS handshakes to extract expiry, SANs, and protocol data for any domain, simplifying certificate audits and security debugging.

Apr 5, 2026

AI NewsSecurityDevOps

Securing CLI Agents: Moving Beyond Borrowed Identity for Robust RBAC

Coding agents using borrowed human CLI credentials risk accidental resource destruction, as seen in a staging environment where an agent rotated secrets and modified configs without a distinct identity.

Apr 5, 2026

AI NewsSecurityDevOps

MCP Connector Poisoning: How Compromised npm Packages Hijack Your AI Agent

The March 2026 axios supply chain attack deployed a cross-platform RAT via AI agents autonomously running npm install, bypassing traditional human oversight.

Apr 4, 2026

AI NewsSecurityDevOps

Securing the npm Supply Chain: Lessons from the 2026 Axios Attack

The 2026 Axios supply chain attack compromised 83 million weekly downloads by exploiting legacy tokens to bypass SLSA provenance attestations.

Apr 4, 2026

AI NewsSecurityDevOps

Hardening CI/CD Pipelines Against Zero-Day Supply Chain Attacks

Two supply chain attacks targeting GitHub Actions and npm dependencies hit CI/CD pipelines in March 2026, highlighting critical vulnerabilities in mutable tags.

Apr 4, 2026

AI NewsSoftware DevelopmentSecurity

Permzplus: A 2KB Zero-Dependency Auth Engine for High-Performance ABAC

Permzplus is a 2KB, zero-dependency authentication engine that achieves O(1) cached lookups via linear scans, replacing heavy libraries like CASL.

Apr 3, 2026

AI NewsAISecurity

Securing the Agentic Ecosystem: Managing AI Shadow Identities

AI agent sprawl has created massive shadow identity risks, with one Series B firm discovering 312 agents—more than double its human headcount.

Apr 2, 2026

AI NewsSecurityIoT

Securing IoT-Heavy Networks with Zero Trust Architecture and eBPF Edge Filtering

Implement Zero Trust in IoT networks using HookProbe's eBPF-powered engine to achieve 10us kernel reflex latency and autonomous security.

Apr 1, 2026

AI NewsBlockchainSecurity

Enterprise Blockchain in TypeScript: Real-World Case Studies, Protocol Mappings, MPC, HSM & Post-Quantum Patterns That Actually Run

Pedro Savelis released 20 runnable enterprise blockchain examples covering Hyperledger Fabric, Besu, and Corda, featuring NIST-standardized post-quantum cryptography.

Mar 31, 2026

AI NewsSecurityNode.js

Node.js Secret Management: Implementing Vault, AWS Secrets Manager, and Zero-Leakage Patterns

Secure Node.js production environments using AWS Secrets Manager and HashiCorp Vault to eliminate plaintext .env vulnerabilities and implement automated secret rotation.

Mar 29, 2026

AI NewsAISecurity

Cryptographic Identity Systems for Auditing Autonomous AI Agents

Cryptographic identity systems for AI agents use Ed25519 signatures and RFC 8693-style delegation to provide tamper-evident accountability for autonomous actions.

Mar 28, 2026

AI NewsSecurityAI

AI Agents and the Acceleration of Security Vulnerabilities

AI agents generate over 10,000 security findings monthly in Fortune 50 firms, with privilege escalation paths surging 300% despite cleaner code syntax.

Mar 28, 2026

AI NewsAISecurity

Secure Local AI Agents: Mitigating the Risks of Agentic Identity Theft

1Password CTO Nancy Wang discusses securing local AI agents against identity theft and unauthorized tool access as open-source agent adoption surges.

Mar 27, 2026

AI NewsWeb DevelopmentSecurity

5 Technical Hygiene Failures Impacting Website Security and SEO

Most websites fail basic technical hygiene checks like security headers and alt text, impacting SEO and security for free-to-fix issues.

Mar 22, 2026

AI NewsSecurityDevOps

RiskScore: Streamlining CVE Prioritization with Composite Risk Scoring

RiskScore simplifies vulnerability triage by combining CVSS, EPSS, and CISA KEV into a single 0–100 composite score.

Mar 22, 2026

AI NewsDevOpsSecurity

LogVision Pivots to Developer-Centric Log Visualization to Combat Log Fatigue

LogVision pivots from a complex security dashboard to a lightweight visualizer, replacing greyscale text logs with interactive visual maps for developers.

Mar 22, 2026

AI NewsSecurityDevOps

Secure GitHub Actions: Implementing pull_request_target Without Supply Chain Risks

Secure GitHub Actions by separating untrusted code execution from privileged repo automation to prevent secret exfiltration in fork pull requests.

Mar 21, 2026

AI NewsSecurityDevOps

Top 6 Secrets Management Tools for Developers in 2026

Hardcoded secrets led to over 10 million leaked credentials on GitHub in 2025; explore the top 6 tools for secure centralized management and rotation.

Mar 21, 2026

AI NewsAISecurity

Continuous vs Task-Based AI: Testing 21,000+ Cycles for True Autonomy

ENERGENAI LLC tested 21,111 AI agent cycles over 26 days to reveal the performance and cost gap between continuous operation and task-completion models.

Mar 21, 2026