Toyota data breach - Database keys exposed publically in GitHub for 5 years

Oct 12, 2022 By GitGuardian In GitGuardian
On October 7th, Toyota revealed a partial copy of their T-Connect source code had been accidentally exposed for 5 years, including access to data for over 290,000 customers. In 2014, Toyota introduced a new telematics service called T-Connect to customers, offering interactive voice response and allowing drivers to connect to third-party apps. Toyota advertises it as their “connected services that provide safe, secure, comfortable, and convenient services through vehicle communication.”
View Video
Snyk

Improving code quality with linting in Python

Oct 12, 2022 By Keshav Malik In Snyk

Python is a growing language. As it evolves and expands, so do the number of tools and development strategies available for working with it. One process that’s become increasingly popular is linting — or checking code for potential problems. With linting, errors in our code will be flagged so we can correct unusual programming practices that might result in problems. Linting is performed while the source code is written and before it’s compiled.

Read Post
Snyk

Secure your application from Argo CD to Kubernetes

Oct 12, 2022 By JJ Ng, Pas Apicella In Snyk

GitOps is a popular framework for managing and securing the application development pipeline. For many who have embarked on a GitOps journey, a common question is: “how can I secure my pipeline when everything is automated?” The GitOps framework is a concept where any code commits or changes are done through Git, which then triggers an automated pipeline that builds and deploys applications on Kubernetes.

Read Post
sysdig

Image scanning for GitLab CI/CD

Oct 12, 2022 By Dale Rodriguez In Sysdig

Scanning a container image for vulnerabilities or misconfigurations on your GitLab CI/CD using Sysdig Secure is a straightforward process. This article demonstrates a step-by-step example of how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner with GitLab CI/CD. Although possible, this procedure is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

Read Post

SnykLive | Stranger Danger: Your JavaScript Attack Surface Just Got Bigger | Oct 5, 2022

Oct 12, 2022 By Snyk In Snyk
Your JavaScript Attack Surface Just Got Bigger- here's what you need to know: Building JavaScript applications today means developers must take a step further from writing code. This live stream demonstrates a live JavaScript and cloud-native hacking session to show common threats, vulnerabilities, and misconfigurations. Further, we show how you can protect your application with actionable remediation and best practices for each exploit shown.
View Video
CrowdStrike

CrowdStrike Enables Federal Departments and Agencies to Meet CISA Operational Directive 23-01

Oct 12, 2022 By Andrew Harris In CrowdStrike

In support of the Executive Order on Improving the Nation’s Cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) recently published a Binding Operational Directive (BOD) 23-01, designed to improve cybersecurity for the Federal Civilian Executive Branch (FCEB) enterprise and their respective unclassified assets.

Read Post

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Oct 12, 2022 By Snyk In Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
View Video
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.