#software supply chain

[ follow ]
#software-supply-chain #cybersecurity #npm #malware #security #jfrog #open-source-security #devsecops #sbom #devops
Software development
fromDevOps.com
3 days ago

Sketch Coding and the Rise of MCP in DevOps - DevOps.com

Developer-focused culture and hands-on coding drive JFrog's innovation, blending AI, DevOps, and open source to create scalable, secure software supply chain tools.
Artificial intelligence
fromDevOps.com
3 days ago

Bringing Trust and Governance to AI-Driven DevOps - DevOps.com

AI is transforming DevOps by reshaping productivity, security, and software supply chains, requiring trust, verification, and alignment with practitioner experience.
fromInfoWorld
5 days ago

JFrog announces 'agentic repo' for AI-driven development

JFrog has introduced JFrog Fly, an offering the company describes as a zero-config, "agentic repository" for accelerating AI-driven software development. Introduced September 9, JFrog Fly is intended to support agentic workflows for development teams. AI agents orchestrate artifacts across the software life cycle, enabling developers to focus on delivering software to production with speed and scale, according to JFrog. Developers can join a beta waitlist for JFrog Fly.
Artificial intelligence
#npm
fromSecuritymagazine
6 days ago
Information security

2B Weekly Downloads at Risk: Supply Chain Attack Targets Popular npm Packages, Security Leaders Discuss

fromSecuritymagazine
6 days ago
Information security

2B Weekly Downloads at Risk: Supply Chain Attack Targets Popular npm Packages, Security Leaders Discuss

more#npm
Artificial intelligence
fromDevOps.com
6 days ago

JFrog CEO: AI Agents Require Practices Beyond Security, Traceability - DevOps.com

Foundational software platforms must embed agentic AI practices, security, traceability, and a single system of record to manage AI-driven development and supply-chain risk.
#software-supply-chain
fromNextgov.com
2 weeks ago
Information security

Report: Russia-based Yandex employee oversees open-source software approved for DOD use

fromDevOps.com
2 weeks ago
Software development

The Quantum Shift Is Here: A Survival Guide for the New Era of Software - DevOps.com

fromNextgov.com
2 weeks ago
Information security

Report: Russia-based Yandex employee oversees open-source software approved for DOD use

fromDevOps.com
2 weeks ago
Software development

The Quantum Shift Is Here: A Survival Guide for the New Era of Software - DevOps.com

more#software-supply-chain
#sbom
more#sbom
#ai
fromTechzine Global
1 month ago
DevOps

JFrog launches MCP Server for AI-driven development workflows

JFrog's MCP Server enhances developer productivity by integrating AI capabilities into coding environments.
fromWIRED
4 months ago
Artificial intelligence

AI Code Hallucinations Increase the Risk of 'Package Confusion' Attacks

AI-generated code often references non-existent third-party libraries, posing risks for supply-chain attacks.
Artificial intelligence
fromWIRED
4 months ago

AI Code Hallucinations Increase the Risk of 'Package Confusion' Attacks

AI-generated code often references non-existent third-party libraries, posing risks for supply-chain attacks.
more#ai
Information security
fromThe Hacker News
2 months ago

North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign

North Korean threat actors are deploying malicious npm packages as part of ongoing software supply chain attacks against the open-source ecosystem.
#cybersecurity
fromDevOps.com
3 months ago
Software development

Checkmarx Surfaces Malicious Effort to Compromise Software Supply Chains - DevOps.com

Software development
fromDevOps.com
3 months ago

Checkmarx Surfaces Malicious Effort to Compromise Software Supply Chains - DevOps.com

New malware targets application developers through typo-squatting, aiming to compromise software supply chains by providing persistent access and data exfiltration.
more#cybersecurity
fromDevOps.com
3 months ago

JFrog Extends Alliance With NVIDIA to Secure AI Software Supply Chain - DevOps.com

JFrog and NVIDIA have expanded integrations to include the Enterprise AI Factory, enabling the management of AI applications through JFrog's Software Supply Chain Platform.
Artificial intelligence
DevOps
fromInfoQ
3 months ago

Docker Introduces Hardened Images to Strengthen Container Security

Docker's Hardened Images significantly enhance container security by reducing attack surfaces and minimizing vulnerabilities.
DevOps
fromDevOps.com
4 months ago

Veracode Extends Scope and Reach of DevSecOps Portfolio - DevOps.com

Veracode enhances its risk management tool to strengthen DevSecOps capabilities and improve vulnerability identification in Kubernetes environments.
[ Load more ]