DevOps Platform Updates
scanned 72d ago7Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
GitHub Secret Scanning AI Enhancement and Enterprise APIs
GitHub released major updates to secret scanning including AI-detected secrets in scan history API, enterprise-level dismissal request endpoints, and expanded push protection defaults. The updates strengthen GitHub's continued investment in developer security experience and provide better enterprise control over secret detection workflows.
AI Agent Prompt Injection Vulnerabilities in Major Platforms
Security researchers discovered prompt injection attacks affecting Anthropic's Claude, Google's Gemini CLI, and Microsoft's GitHub Copilot AI agents. The attacks could steal API keys and access tokens through malicious pull request titles, highlighting critical security gaps in AI-powered DevOps tools.
GitHub Secure Code Game Season 4 Launches AI Agent Security Training
GitHub released Season 4 of its Secure Code Game focusing on agentic AI vulnerabilities. The game teaches developers to identify and exploit real-world security flaws in AI coding assistants, addressing the growing security concerns as AI agents move from research to production environments.
GitLab 18.11 Released with Vulnerability Resolution and AI Agents
GitLab released version 18.11 featuring vulnerability resolution on GitLab Duo Agent Platform, automated remediation capabilities, and new foundational agents. The release enhances security workflows and strengthens GitLab's AI-powered development assistance platform.
GitLab Critical Security Patches Address High-Severity CVE-2026-5173
GitLab released critical security updates addressing 12 vulnerabilities including CVE-2026-5173 (CVSS 8.5), a websocket access control flaw allowing authenticated attackers to invoke unintended server-side methods. Immediate upgrade recommended for all self-managed installations.
Azure DevOps Server April Security Patches Released
Microsoft released patches for Azure DevOps Server addressing pull request completion failures, malicious redirect prevention, and GitHub Enterprise Server PAT connection fixes. The patches improve validation during sign out to prevent security vulnerabilities.
GitHub Actions 2026 Security Roadmap: Secure-by-Default Platform
GitHub announced its 2026 roadmap for Actions security featuring centralized policy controls, deterministic dependency locking, and secure-by-default automation. The updates address supply chain attacks and aim to make CI/CD security easier without requiring workflow rebuilds.