DevOps Pulse

GitHub shipped AI-driven security validation for third-party

coding agents while Bitbucket begins brownouts of app passwords ahead of July 28 deprecation, forcing enterprise authentication overhauls. AI agents wiped DevOps repositories in 9 seconds during the PocketOS incident, part of 68 distinct AI-driven attacks in 2025, while Miasma worm compromised 73 Microsoft repositories via AI coding tools. Rubrik launched Agent Cloud for Anthropic's Claude with AI safety nets, directly challenging Veeam's security convergence strategy as competitors race to capture AI operations governance before enterprise sprawl becomes permanent.

Signals
28
Sections
5/5
Threats
8
Fresh
13
Updated
17d ago
Show

DevOps Platform Updates

scanned 18d ago6

Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.

GitHub Copilot CLI adds experimental security review command

GitHub shipped an experimental /security-review command in Copilot CLI for AI-driven vulnerability detection directly in terminal workflows. The feature scans local code changes for high-impact vulnerabilities like injection flaws and weak cryptography, providing actionable fixes before code reaches production. This represents GitHub's push to integrate security validation deeper into developer workflows.

githubReleasebot·20d agoRecent

GitHub extends security validation to third-party AI agents

GitHub made security validation for third-party coding agents (Claude, OpenAI Codex) generally available, bringing CodeQL scanning, secret detection, and advisory database checks to agent-generated code. This addresses a key security gap as AI-generated code becomes more prevalent in enterprise development workflows.

githubReleasebot·20d agoRecent

Microsoft Build 2026 announces Defender-GitHub integration

Microsoft announced Microsoft Defender integration with GitHub Code Security at Build 2026, part of an expanded AI security stack spanning code, agents, and models. The integration includes Agent 365 runtime controls and Purview protections, positioning Microsoft as the control plane for AI development lifecycle governance before enterprise sprawl becomes permanent.

githubWindows Forum·29d ago

GitLab launches Next Generation Source Code Management

GitLab unveiled a re-vamped Git protocol implementation based on distributed architecture at Transcend 2026, enabling AI agents to complete tasks 50 times faster. The platform optimizes DevOps workflows for the volume of AI-generated code, with distributed processing and storage engines plus limited server-side queries for better performance.

gitlabDevOps.com·21d agoRecent

Bitbucket app passwords enter deprecation brownouts

Bitbucket Cloud begins controlled brownouts for app passwords starting June 9, 2026, with full removal scheduled for July 28, 2026. Organizations must migrate to API tokens which offer improved security, expiration controls, and centralized management. The change affects all authentication workflows and CI/CD integrations currently using app passwords.

bitbucketAtlassian Community·20d agoRecent

Atlassian releases May 2026 security bulletin with critical fixes

Atlassian issued its May 19, 2026 security bulletin addressing 39 high-severity vulnerabilities and 3 critical-severity third-party vulnerabilities across Jira, Confluence, and other products. The comprehensive update represents significant security patches affecting both Data Center and Cloud customers, requiring immediate attention for self-managed installations.

confluenceAtlassian Support·19 May