Microservices Journal

Survey Surfaces Multiple Persistent DevSecOps Challenges
A survey of leaders based in North America finds 62% work for organizations that knowingly release insecure code to meet delivery deadlines ...

When AI Assistants Turn Against You: The Amazon Q Security Wake-Up Call
Amazon Q coding assistant was compromised with malicious prompts designed to wipe AWS accounts. What this near-miss teaches us about AI security ...

Five Great DevOps Job Opportunities
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these ...

“DevOps is Dead? Long Live DevOps-Powered Platforms”
If PlatformCon NYC proved anything, it’s that the DevOps ethos of collaboration, automation and continuous improvement now has a bigger, better stage ...

Checkmarx Surfaces Malicious Effort to Compromise Software Supply Chains
Checkmarx, this week, reported it has discovered malicious software packages that, in addition to injecting malware capable of bypassing endpoint security to exfiltrate data, also provide persistent remote access and control of ...

LaunchDarkly Acquires Highlight to Bring Observability to Application Release Management
LaunchDarkly is looking to bring observability to feature flag management by acquiring Highlight, a provider of an open-source application monitoring tool ...

Legit Security Extends AI Reach of ASPM Platform
Legit Security at the 2025 RSA Conference today extended the reach of its application security posture management (ASPM) platform that leverages artificial intelligence (AI) to identify vulnerabilities and other weaknesses to now ...

Lineaje Leverages AI Agents to Secure Open Source Packages and Images
Lineaje has added artificial intelligence (AI) agents that leverage multiple types of code scanners to ensure the open-source software packages and artifacts being used by application developers are truly secure ...

Five Great DevOps Job Opportunities
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these ...

Typosquat Supply Chain Attack Targets Go Developers
A backdoor that impersonates a widely used database module in the popular Go programming language can give hackers control of infected systems, according to a senior threat intelligence analyst with developer-focused platform ...

Five Great DevOps Job Opportunities
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these ...

RunSafe Security Extends Platform Reach to Build More Accurate SBOMs
RunSafe Security this week added an ability to generate a software bill of materials (SBOM) based on the code actually included in an application before it is deployed in a production environment ...