A compromised GitHub Action exposed secrets from thousands of repositories, highlighting how CI/CD pipelines have become prime targets for supply chain attacks.
With Kubernetes pushing security features to GA and CISA issuing container hardening guidance, the container ecosystem is growing up on security. Here’s what matters for platform teams.
AWS re:Invent 2024 opens with major announcements around Trainium2 chips, Aurora DSQL, and Amazon’s own Nova AI models. Here’s what’s worth paying attention to.
IBM’s $6.4 billion acquisition of HashiCorp signals a major consolidation in the cloud infrastructure space. Here’s what it means for Terraform users and the broader IaC community.
A critical Jenkins vulnerability allows arbitrary file reads through the CLI. Here’s why this matters more than your typical CVE and what it reveals about CI/CD security.
As OpenTofu approaches its first stable release, the HashiCorp license change continues to reshape how we think about open source infrastructure tooling.