DevOps Platform Updates
scanned 84d ago5Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
GitHub Secret Scanning Adds 28 New Detectors and Push Protection
GitHub expanded secret scanning with 28 new detectors across 15 providers including Vercel, Lark, and Supabase. Push protection now covers 39 token types by default, and AI-powered password detection was added. Enhanced metadata includes owner information and expiry dates for better enterprise governance.
Azure DevOps Server Patch Released for Group Membership Deactivation Bug
Microsoft released Patch 2 for Azure DevOps Server to resolve a critical issue causing group memberships to become deactivated under certain conditions. The patch applies to installations made before March 13, 2026 re-published release and includes mitigation for affected environments.
Atlassian Backup and Restore Now Available for Purchase
Atlassian Backup and Restore moved from open beta to paid add-on for Premium and Enterprise customers of Jira and Confluence. The service supports sites up to 300GB for Jira and 32GB for Confluence with daily/weekly scheduling. Open beta users can continue until mid-April 2026.
DevOps Platform Security Incidents Surge 69% Year-over-Year
GitProtect's 2025 analysis shows critical and major incidents across DevOps platforms increased from 48 in 2024 to 156 in 2025, with total downtime jumping from 4,755 to over 9,255 hours. GitHub, GitLab, Azure DevOps, and Atlassian platforms all experienced significant outages affecting millions of users.
Xygeni GitHub Action Compromised via Stolen Maintainer Credentials
The official Xygeni GitHub Action was compromised on March 3, 2026 when attackers used stolen maintainer credentials to inject malicious code. This follows a pattern of GitHub Actions supply chain attacks targeting CI/CD pipelines with privileged access to production systems and credentials.