GitHub’s Copilot ML code-completion engine is violating copyright wholesale. So say several high-profile open source advocates.
Read More about Devs: Don’t rely on GitHub Copilot — legal risk gets real
Toyota stands accused of lax DevOps standards, as the company reveals it stored prod database credentials in a public GitHub repo. That’s bad enough, but it also took five years to detect and fix.
Read More about DevOps lesson from Toyota FAIL: Crash test secrets
The chatter around the Rust language is growing into a deafening roar.
Read More about Memory-safe #RustLang shines with its day in the sun
The security of the Border Gateway Protocol (BGP) is laughable. But we all rely on it every day. For everything.
Read More about DevOps teams: BGP security is BAD. But you can fix it
t’s confirmed: The Linux kernel will have Rust support soon.
Read More about Rust finds its mojo: Move forward to memory-safe code
Peiter “Mudge” Zatko (pictured) was grilled by U.S. senators this week. Twitter’s former head of security has some damning things to say about the service’s DevOps security — or lack of it.
Read More about Why Twitter security sucks: Half of staff has PII access
A presentation at the Black Hat Briefings in Las Vegas dug into the “how” of CI/CD compromises. As it turns out, many of the culprits will be familiar to security teams.
Read More about To secure your CI/CD pipelines, round up the usual suspects