
Deceptive 'Vibranced' npm Package Discovered Masquerading as Popular 'Colors' Package

A new malicious package has been detected on the Node Package Manager (npm) repository that poses a significant threat to users who may unknowingly install it. Named ‘Vibranced,’ the package has been carefully crafted to mimic the popular ‘colors’ package, which has over 20 million weekly downloads.

The Lemontech story - GitGuardian customer stories

A few weeks ago, we had the pleasure of exchanging with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their repositories. Lemontech is a company developing software for the legal industry based in Santiago, Chile. It serves more than 1,300 customers in Latin America. Ezequiel supervises a team of about 30 developers and 4 DevOps engineers for approximately 150 employees. They use GitHub for source control management, and their organization has 350 repos, 130 of which are active.

New Service Offering to Manage and Run Velero Backups at Enterprise Scale

It’s spring again, and as the weather warms, the birds sing, and the flowers bloom, our thoughts here at Catalogic have turned to yet another major CloudCasa feature update! Our engineering team has (as they like to frequently point out) exceeded all reasonable expectations once again by delivering a veritable cornucopia of new features.

The importance of platform engineers in a security program

Platform engineers need to be empowered in an organization’s security program. Their work has huge leverage over a product's security posture, with an impact arguably as great as (some would even say greater than) that of application vulnerabilities. Despite the significance of their work, their role in security programs remains ill-defined.

Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]

Discover the best practices and tools to secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.

Kubernetes 1.27 Release: Enhancements and Security Updates

The Kubernetes 1.27 release brings multiple enhancements and security updates, providing users with an improved, more flexible, and secure platform for building and managing containerized applications. This post will provide an overview of the security-related updates and most significant enhancements in v1.27.

Multi-Cluster Manager for Velero in under 5 mins

Welcome to our latest video where we'll be discussing CloudCasa for Velero - a game-changing solution for multi-cluster Kubernetes data protection. With over 50 million pulls from DockerHub, Velero is the go-to open-source backup option for Kubernetes. CloudCasa for Velero is the first Kubernetes backup service that's fully complementary and open-source compatible with Velero. In this video, Martin Phan, Field CTO for CloudCasa, explores the benefits of using CloudCasa for Velero and how it can enhance your multi-cluster Kubernetes data protection.

Malicious Packages Special Report Reveals 315% Spike in Attacks

Today’s attackers aren’t just exploiting vulnerabilities — research from Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities illustrates the growing threat of malicious packages. According to the report, the number of malicious packages published to npm and rubygems alone grew 315 percent from 2021 to 2022.

Warning: Poor Application Security Health Could Kill You

The Food and Drug Administration (FDA) recently implemented new guidance regarding medical device cybersecurity. It’s not a moment too soon, as new cases arise in which healthcare technology is compromised by vulnerabilities that escalate risks, which could threaten patients’ lives. In a recent survey, over 20% of healthcare organizations said that after a cyberattack, their patient mortality rates had risen, and another 57% reported that cyberattacks led to poorer outcomes for patients.