devsecops

AI vulnerability discovery and the case for systems security engineering

• aiml
• devsecops
• vulnerability-management

AI vulnerability discovery and the case for systems security engineering

Dr. Darren Death April 17, 2026

Security can't be an afterthought in an age of AI-powered bug hunting.

Read More Read more about AI vulnerability discovery and the case for systems security engineering

Code, control, and chaos: Rethinking security in the age of AI-driven development

• aiml
• application-security
• devsecops

Code, control, and chaos: Rethinking security in the age of AI-driven development

Paul Wagenseil April 13, 2026

Security needs to become part of the development process rather than an external impediment.

Read More Read more about Code, control, and chaos: Rethinking security in the age of AI-driven development

Rethinking Linux security operations

• application-security
• devsecops
• security-operations
• soc

Rethinking Linux security operations

Dennis Zimmer April 9, 2026

Tool sprawl weakens Linux security — unified, AI-driven ops boost speed, context, and resilience.

Read More Read more about Rethinking Linux security operations

Why secrets detection belongs everywhere in your security workflow

• aiml
• application-security
• devsecops
• generative-ai
• identity

Why secrets detection belongs everywhere in your security workflow

Michael Weber April 8, 2026

Secrets detection must expand across workflows with validation to cut noise and stop leaks.

Read More Read more about Why secrets detection belongs everywhere in your security workflow

The Axios npm breach taught us the need for a personal zero-trust

• application-security
• devsecops
• supply-chain
• zero-trust

The Axios npm breach taught us the need for a personal zero-trust

Aaron Beardslee April 7, 2026

Security pros need to develop a mental zero-trust that trusts nothing and tests everything.

Read More Read more about The Axios npm breach taught us the need for a personal zero-trust

Campaign combines WhatsApp with legit cloud platforms to deliver malicious VBS files

• application-security
• devsecops
• malware
• ransomware

Campaign combines WhatsApp with legit cloud platforms to deliver malicious VBS files

Steve Zurier April 1, 2026

Attackers continue to evade defenders by using legitimate platforms like AWS and Microsoft utilities.

Read More Read more about Campaign combines WhatsApp with legit cloud platforms to deliver malicious VBS files

Axios npm supply chain attack: Malicious updates add remote access trojan

• application-security
• devsecops
• identity
• malware
• supply-chain
• threat-intelligence

Axios npm supply chain attack: Malicious updates add remote access trojan

Laura French March 31, 2026

The axios npm package, with about 100 million weekly downloads, was compromised via a maintainer’s account.

Read More Read more about Axios npm supply chain attack: Malicious updates add remote access trojan

Wormsign, RSAC 2026: More auto-updating supply chain attacks on the way

• application-security
• devsecops
• malware
• rsac
• supply-chain

Wormsign, RSAC 2026: More auto-updating supply chain attacks on the way

Paul Wagenseil March 28, 2026

The Shai-Hulud worms that exploited automatic updates in open-source software repositories may be only the beginning, two...

Read More Read more about Wormsign, RSAC 2026: More auto-updating supply chain attacks on the way

RSAC 2026: Treat AI like a ‘junior developer’ to catch coding errors

• aiml
• devsecops
• rsac
• vulnerability-management

RSAC 2026: Treat AI like a ‘junior developer’ to catch coding errors

Laura French March 27, 2026

OX Security found AI coding assistants make the same common mistakes as humans.

Read More Read more about RSAC 2026: Treat AI like a ‘junior developer’ to catch coding errors

OWASP Gen AI Security Project RSAC 2026 – Scott Clinton – RSAC26 #6

• aiml
• application-security
• devsecops

OWASP Gen AI Security Project RSAC 2026 – Scott Clinton – RSAC26 #6

Mike Shema March 26, 2026

Read More Read more about OWASP Gen AI Security Project RSAC 2026 – Scott Clinton – RSAC26 #6