DevOps Pulse

Tenable discovered a critical vulnerability in Microsoft's

GitHub repository exposing CI/CD pipeline secrets to remote code execution, while Atlassian patched 38 high and critical vulnerabilities across Jira and Confluence. GitProtect expanded DevOps backup coverage to all four major platforms (GitHub, GitLab, Azure DevOps, Bitbucket) with comprehensive disaster recovery capabilities, directly challenging Veeam's position. AI-generated code now contains 45-62% security vulnerabilities with 92% of AI codebases having at least one critical flaw, creating urgent demand for backup solutions that handle AI-corrupted repositories.

Signals
34
Sections
5/5
Threats
7
Fresh
15
Updated
67d ago
Show

DevOps Platform Updates

scanned 68d ago7

Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.

Critical Microsoft GitHub Flaw Exposes CI/CD Pipelines

Tenable discovered a critical vulnerability in a popular Microsoft GitHub repository that allows attackers to execute remote code and access secrets in GitHub workflows. The flaw highlights growing security risks in CI/CD pipelines as development becomes more automated.

githubDevOps.com·22 AprRecent

Atlassian Security Bulletin Addresses 31 High-Severity Vulnerabilities

Atlassian's April 21 security bulletin fixes 31 high-severity vulnerabilities and 7 critical third-party flaws across Jira, Confluence, and Bitbucket platforms. The bulletin emphasizes the importance of patching to latest versions for comprehensive security coverage.

jiraAtlassian Security·21 AprNEW

Atlassian AI Policy Changes for Jira and Confluence

Effective August 2026, Atlassian will use customer data from Jira and Confluence to train AI models. Lower-tier subscriptions cannot opt out, while Enterprise customers retain withdrawal rights. The policy affects approximately 300,000 clients and raises data protection concerns.

confluenceSecurity Online·21 AprNEW

GitHub Agentic Workflows Platform Ships Security Fixes

GitHub's Agentic Workflows platform released five updates between April 13-17, introducing security improvements including working-tree sanitization to prevent supply chain attacks. The updates also added new AI engine capabilities and pre-agent authentication steps.

githubGitHub Agentic Workflows·20 AprRecent

GitLab 18.11 Expands Agentic AI for Security Remediation

GitLab released version 18.11 with enhanced agentic AI capabilities for security vulnerability resolution, CI pipeline automation, and delivery analytics. The update addresses the AI Paradox where code generation outpaces security and operations workflows.

gitlabGitLab Press Releases·16 AprRecent

Bitbucket OAuth Security Updates Enforce May 2026

Bitbucket Cloud will enforce OAuth authentication changes on May 4, 2026, restricting client credentials grants and eliminating refresh tokens to improve security. The updates align with OAuth standards and reduce long-lived token risks.

bitbucketBitbucket Changelog·18 Apr

Azure DevOps Standalone Security Products Now Available

Microsoft unbundled GitHub Advanced Security for Azure DevOps into standalone products: Secret Protection ($19/month) and Code Security. This provides more flexible security options for DevOps teams while maintaining enterprise-grade protection capabilities.

azure-devopsMicrosoft Learn·19 Apr