Trusted AI Adoption (Part 2): Detection

It’s Monday morning. Your coding agents ran all weekend. Your security dashboard shows the exact same numbers it did Friday afternoon. Same models, the same approved Model Context Protocol (MCP) servers, the same AI assets you are familiar with. Reassuring. Then, suddenly, you get a notification: a production deploy failed an audit. The build references a model nobody on your team registered.

Protestware by open source maintainer to hinder agentic coding: The jqwik 1.10.0 Prompt Injection

On May 25, 2026, the maintainer of jqwik, a Java property-based testing library, released version 1.10.0 to Maven Central with a hidden instruction intended for AI coding agents. The payload told agents to disregard previous instructions and delete all jqwik tests and code. It was hidden from humans with ANSI terminal codes but left fully readable to any tool that captures raw output.

We solved the blank canvas problem | Tom Occhino from Vercel

The prototype is the new PRD. In 2013, Facebook’s development of React changed the way software engineers build and write code. Today, LLMs are transforming that process again. This episode features Tom Occhino, React co-creator and current CPO at Vercel, whose work sits at the center of both shifts. In conversation with 1Password CTO Nancy Wang and Google’s Dev Tagare, Tom explores the platform changes driven by AI-written code, builds a full-stack app in real time, and sets up a deeper discussion on the security risks of agents building software.

Sedara: Inside the Attack Surface - What to Expect in Your First 30 Days

What to Expect in Your First 30 Days: See what actually happens after deploying Attack Surface Management. In this first session of Sedara: Inside the Attack Surface, we walk through what organizations typically experience during the first 30 days of ASM deployment, from integrations and asset discovery to early detections, identity exposure, and remediation priorities. Learn how teams improve visibility, reduce exposure, and take a more proactive approach to cybersecurity.

Vercel's Tom Occhino on why access control is product architecture

Zero-Shot Learning is a podcast about how AI gets built, secured, and deployed. Hosted by Nancy Wang, 1Password CTO, and Dev Tagare, Senior Director of Engineering at Google, it's a builder's view of the architecture and the complex choices it takes to ship with AI.

How OEMs can deliver safer, recovery-ready systems in an evolving OT landscape

OEM expectations have shifted. High performance is no longer enough, and systems must stay resilient for years or even decades across complex environments. Evolving cyberthreats and stricter regulations are increasing complexity. With legacy systems lasting longer and frameworks like the EU Cyber Resilience Act and IEC 62443 raising the bar, prevention alone no longer cuts it. Recovery readiness ensures fast, predictable restoration with minimal disruption.

Why EDR and proxy won't save you from supply chain malware

Most security teams check the EDR box, check the proxy box, and move on. Against supply chain malware, neither provides meaningful protection because they were built for a different problem. Traditional malware has a way of sneaking onto a machine, whereas supply chain malware gets invited. The developer runs npm install, and the malicious code lands with full permission to execute. That inversion breaks both tools at the design level.