CI/CD

Why Developer Workstations Have Become a Critical Part of the Software Supply Chain
For years, software supply-chain security discussions focused on centralized infrastructure such as build servers, package registries, and CI/CD systems. Recent attacks suggest that this view is incomplete. The Megalodon campaign injected malicious ...

‘HalluSquatting’ Compromises AI Coding Agents to Install Malware, Create Botnets
Hallucinations have been an ongoing problem since OpenAI first introduced its ChatGPT chatbot in November 2022, highlighting generative AI’s tendency to generate plausible but false or misleading information and its inability to ...

North Korea Expands the Reach of PolinRider Supply Chain Attack Campaign
The North Korean-sponsored threat groups behind the long-running fake interview scams targeting developers are expanding the PolinRider supply chain campaign that has escalated over the past several months. Reports from cybersecurity vendors ...

How AI is revamping DevSecOps processes
Artificial Intelligence is pushing DevSecOps into a new phase where security is no longer just about detecting vulnerabilities, but increasingly about resolving them automatically within the flow of software delivery. As many ...

Block Details Builderbot Framework for Orchestrating AI Agents Across SDLC
The software engineers at Block have developed an orchestration layer they are using to manage artificial intelligence (AI) agents that have been trained to automate multiple tasks across their software development lifecycle ...

How Independent Service Deployments Expose the Limits of Conventional Regression Testing Tools
The architectural shift to independently deployable services was supposed to make software delivery faster and less risky. In many aspects, it has. Teams can ship a change to one service without coordinating ...

Lightrun Adds Ability to Assess Impact Pull Request Will Have in Production
Lightrun is providing early access to an ability to verify whether a pull request (PR) will actually run in a production environment as part of its artificial intelligence (AI) platform for automating ...

Harness Adds Autonomous AI Agents to Automate DevOps Workflows
Harness today is providing DevOps teams with an ability to build and deploy autonomous artificial intelligence (AI) agents that automate the delivery of code to production environments. Trevor Stuart, a senior vice ...

Modernization Is Not Migration
Modernization worked only if the platform became easier to change, easier to understand and safer to run under pressure. That is not a philosophical position — it is a measurable one ...

Salesforce vs Dynamics 365 CE DevOps: A Practical Comparison for Enterprise Teams
Most organizations running CRM platforms eventually face the same challenge: how to deploy changes safely, consistently, and quickly. While Salesforce and Dynamics 365 Customer Engagement (CE) support modern DevOps practices, they approach ...

Newly Appointed CloudBees CEO Charts Agentic AI Engineering Course
The newly appointed CEO of CloudBees, Mo Plassnig, says that as the agentic artificial intelligence (AI) era dawns, the time has come to reinvent software engineering in a way that moves beyond ...

Why AI Testing Must Live Inside Your CI/CD Pipeline
Here is a situation most engineering leaders recognize. You roll out AI coding tools. Features ship faster. Developers are more productive. Then, a few months in, you realize something unexpected: the engineers ...

