DevOps Pulse

Atlassian patched 21 high-severity vulnerabilities including OS Command Injection in Confluence Data Center

while GitGuardian reports AI-assisted coding has doubled secret leak rates to 3.2% vs baseline 1.5% across 29M secrets detected on GitHub in 2025. GitProtect launched Azure DevOps Artifacts protection and Jira granular backup in v2.1.0, directly competing with Veeam's DevOps ambitions by covering the complete toolchain including package management. AI-driven DevOps pipeline attacks are becoming automated with NSA/CISA warning that CI/CD compromises are increasing as malicious actors target these attractive streamlined development tools.

Signals
34
Sections
5/5
Threats
8
Fresh
13
Updated
98d ago
Show

DevOps Platform Updates

scanned 99d ago7

Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.

GitHub Expands AI-Powered Security Coverage

GitHub introduced AI-powered security detections in GitHub Code Security to expand application security coverage across more languages and frameworks. This complements CodeQL for broader vulnerability detection. Public preview planned for Q2 2026 with 80% positive developer feedback in internal testing.

githubGitHub Blog·23 MarNEW

GitHub $12.5M Investment in Open Source Security

GitHub joined Anthropic, AWS, Google, and OpenAI with a $12.5M commitment to Linux Foundation's Alpha-Omega initiative for open source security. The initiative focuses on helping maintainers integrate AI security capabilities into project workflows and strengthening critical open source software projects.

githubGitHub Blog·17 Mar

GitLab AI-Powered False Positive Detection GA

GitLab released agentic false positive detection for security scanning to general availability. This AI feature automatically scores and explains security findings to reduce alert fatigue and accelerate remediation. Agentic code reviews now cost a flat $0.25 per review, making automated review predictable at scale.

gitlabBusiness Wire·19 Mar

Atlassian March Security Bulletin - 21 High-Severity Fixes

Atlassian released security bulletin addressing 21 high-severity vulnerabilities across Jira, Confluence, and other products. Vulnerabilities discovered via Bug Bounty program and pen-testing. Includes OS Command Injection flaw (CVE-2025-64756) affecting Confluence Data Center and Server.

confluenceAtlassian Security·17 Mar

Azure DevOps Server Group Membership Bug Fixed

Microsoft released patch for Azure DevOps Server resolving critical issue that could cause group memberships to become deactivated under certain conditions. Patch available March 13, 2026 for customers who installed earlier versions.

azure-devopsMicrosoft DevBlogs·13 Mar

AI Secret Leak Rates Double GitHub Baseline

GitGuardian report shows AI-assisted coding has doubled secret leak rates compared to GitHub baseline. Claude Code-assisted commits leaked secrets at 3.2% vs 1.5% baseline. 29M secrets detected on GitHub in 2025, marking the largest single-year jump ever recorded with 34% YoY increase.

githubGitGuardian·17 Mar

GitHub Advanced Security Setup Simplified

GitHub released guided experience for setting up and configuring Advanced Security in organizations. New streamlined interface allows faster configuration and repository targeting. Available on GitHub Enterprise Cloud with Server 3.22 release planned.

githubGitHub Changelog·17 Mar