DevOps Pulse

GitProtect launched first-to-market GitHub Enterprise Cloud Data Residency support

directly targeting Veeam's regulated industry customers with AES-GCM encryption and Azure DevOps integration. AI supply chain attacks hit unprecedented scale with TeamPCP compromising trusted security tools including Trivy scanner and GitHub Actions, weaponizing DevOps infrastructure itself. GitHub suffered a 4-month webhook secrets exposure incident while platform incidents surged 58% overall, validating independent backup necessity as SaaS reliability degrades. Veeam maintained its Gartner Customers' Choice designation with 4.8/5 rating, but competitive pressure intensifies as backup vendors pivot to AI-aware security convergence.

Signals
35
Sections
5/5
Threats
4
Fresh
11
Updated
72d ago
Show

DevOps Platform Updates

scanned 72d ago7

Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.

GitHub Launches AI-Agent Security Game for Vulnerability Testing

GitHub released Season 4 of its Secure Code Game featuring ProdBot, a deliberately vulnerable AI coding assistant designed to teach developers how to identify and exploit agentic AI security risks. The game addresses real-world vulnerabilities like CVE-2026-25253 ('ClawBleed'), reflecting actual security threats as organizations deploy autonomous AI systems into production.

githubThe GitHub Blog·15 AprRecent

GitHub Enhances Secret Scanning with AI-Detected Patterns and Enterprise APIs

GitHub upgraded secret scanning with AI-powered generic secret detection now appearing in scan history APIs, new enterprise dismissal request endpoints, and expanded push protection defaults for Figma, GCP, Langchain, OpenVSX, and PostHog patterns. Custom pattern alerts can now be manually marked as active or inactive through the API.

githubGitHub Changelog·14 AprRecent

AI Supply Chain Attack Targets GitHub Repositories with 475 Malicious Pull Requests

Security researchers identified an AI-assisted supply chain attack called 'prt-scan' that deployed over 475 malicious pull requests targeting misconfigured GitHub repositories. The attack used AI to exploit open-source projects by stealing credentials and compromising sensitive data through automated malicious payloads.

githubMean CEO Blog·12 AprRecent

Azure DevOps Fixes Bitbucket Integration After API Deprecation

Microsoft resolved Azure DevOps integration issues with Bitbucket following API deprecation by Atlassian. A service-side problem was identified on April 8 related to deprecated Bitbucket APIs, with a hotfix deployed to restore App Service Bitbucket integration functionality.

azure-devopsMicrosoft Q&A·10 Apr

Black Duck Expands Security Platform Across All Major DevOps SCMs

Black Duck announced enhanced Polaris Platform integrations with unified coverage across GitHub, GitLab, Azure DevOps, and Bitbucket. The platform provides automated security scanning with instant onboarding for thousands of repositories, continuous monitoring of repository changes, and triggers for pull request security scans.

gitlabHelp Net Security·12 Feb

Atlassian Extends Data Export Restrictions to File Downloads

Atlassian expanded its data security policies to block downloading of files attached to Confluence and Jira pages. The change affects organizations with existing data export restrictions and requires Atlassian Guard Standard. Users will no longer see download buttons in attachment lists, macros, and file previews.

confluenceAtlassian Documentation·6 Apr

Atlassian Enhances Cloud Connectors with OAuth 2.0 Security

Atlassian introduced enhanced cloud connectors for linking Data Center and cloud environments through Admin Hub. The connectors support Rovo and Portfolio insights with OAuth 2.0 authentication for secure data flows between Jira Data Center 11.3+ and Confluence Data Center 10.2+.

jiraAtlassian Documentation·6 Apr