Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

mend

What Being Customer Recognized in The Forrester Wave: Static Application Security Testing Solutions, Q3 2025 Really Means

Sep 9, 2025 By Rami Sass In Mend
Our customers have been telling us for months: “You’ve made security simple.” Today, Forrester confirmed what our customers already knew. Mend.io has been recognized as a Strong Performer in The Forrester Wave: Static Application Security Testing Solutions, Q3 2025. In our first appearance in the evaluation, we earned top scores in Innovation and Triage. But the recognition that matters most? Being highlighted as a customer favorite.
Read Post
CloudCasa

How to Bring Back Rancher Projects with CloudCasa

Sep 9, 2025 By CloudCasa In CloudCasa
If you’ve ever worked with Rancher projects, you know they’re a handy way to group namespaces, manage RBAC, and keep your Kubernetes world a little less chaotic. But what happens if a project or its namespaces vanish? That’s where CloudCasa comes in. It makes restoring Rancher projects and their workloads surprisingly simple. Let’s break it down into the three main situations you might run into.
Read Post
CalCom

Oracle Linux Server Hardening

Sep 8, 2025 By Jonny Gold In CalCom
Server hardening’s core principle is, “unnecessary functionality compromises security.” Adopting Linux should greatly simplify the process. No matter which flavor of Linux you choose to run, hardening your servers should be the same process; once you know one, you know them all. When it comes to Oracle Linux Server Hardening, what works for Red Hat or CentOS should continue to work. In theory, yes, but in practice, there are significant differences that could make or break your project.
Read Post
mend

NPM Supply Chain Attack: Sophisticated Multi-Chain Cryptocurrency Drainer Infiltrates Popular Packages

Sep 8, 2025 By Tom Abai In Mend
The NPM ecosystem faced another significant supply chain attack when 18 popular packages, including highly-used libraries like debug and chalk, were compromised with advanced cryptocurrency drainer malware. This attack, affecting packages with over 2 billion weekly downloads, demonstrates how cybercriminals are leveraging trusted software distribution channels to deploy advanced Web3 wallet hijacking code.
Read Post
teleport

Securing Identity in the Age of AI: A Buyer's Guide to Teleport

Sep 8, 2025 By Meina Ghafouri In Teleport
As enterprises embrace AI, identity has become the defining security challenge. Every new database, Kubernetes cluster, SaaS app, and now every AI agent introduces yet another identity that must be governed and protected. At the same time, attackers are weaponizing AI to accelerate identity-based threats, exploiting fragmentation and credential sprawl to devastating effect.
Read Post

Catch Bugs Early: Dynamic Scanning & the Cake Analogy Explained #cybersec

Sep 5, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video

The GhostAction Supply Chain Attack: Compromised GitHub Workflows And Stolen Secrets

Sep 5, 2025 By GitGuardian In GitGuardian
GitGuardian has uncovered GhostAction, a massive supply chain attack targeting 327 GitHub users and 817 repositories. Attackers injected malicious workflows that exfiltrated over 3,325 secrets, including npm, PyPI, and DockerHub tokens. Watch as GitGuardian's Senior Cybersecurity Researcher, Guillaume Valadon breaks down how this campaign unfolded, what was stolen, and what developers need to know to stay safe.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.