DevOps Platform Updates
scanned 65d ago2Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
Critical AI Security Vulnerability in GitHub Copilot Fixed
Multiple critical vulnerabilities disclosed in GitHub Copilot and other AI coding tools, including passive prompt injection attacks that could exfiltrate repository tokens. GitHub has implemented fixes but the findings highlight new attack vectors in AI-assisted development that directly impact DevOps security posture.
GitHub OIDC Authentication for Dependabot and Code Scanning
GitHub shipped OIDC authentication support for Dependabot and code scanning, eliminating long-lived credentials for private registries. The enhancement supports AWS CodeArtifact, Azure DevOps Artifacts, and JFrog Artifactory, reducing credential sprawl in enterprise DevOps pipelines.