Skip to main content

Posts

Attackers Exploit SimpleHelp Flaw to Steal Info from AI Coding Assistants, Clouds

Threat actors are exploiting a known security flaw in the SimpleHelp remote monitoring and management (RMM) software to drop two previously unknown pieces of malware that can compromise a broad range of systems and steal massive amounts of sensitive data. Researchers with Blackpoint Cyber’s Adversary Pursuit Group said they detected an intrusion in which the adversaries abused a critical authentication bypass vulnerability — tracked as CVE-2026-48558 — to obtain an authenticated technician session without valid credentials on an internet-facing SimpleHelp server. “The compromised RMM platform provided the operator with a trusted administrative channel capable of transferring files and executing commands on systems managed through the server,” Nevan Beal, principal managed detection and response (MDR) analyst with Blackpoint, and Sam Decker, threat intelligence engineer, wrote in a report . The bad actors followed that by deploying TaskWeaver, a modular and highly obfuscated Node.js...
Post a Comment
Read more
Recent posts

Configuration Drift in a Multi-Cloud World

Configuration drift is the gap between the infrastructure state declared in code and the state actually running in your environment. It occurs when resources are changed outside of your infrastructure as code (IaC) workflow, so the live system no longer matches its definition. In a single cloud, drift is usually straightforward to find and correct. Across multiple providers, it is harder to detect and more costly to leave unaddressed. Why Does Multicloud Make Drift Worse? Each provider has its own API, resource model, console, and defaults. A change made directly in one cloud does not resemble the equivalent change in another, so the signals used to detect drift differ in each environment. There is often no single source of truth that covers all providers, and tagging conventions and naming standards vary between accounts. As a result, the number of places where an undeclared change can go unnoticed increases with each cloud you add. The practical effect is that the documented stat...
Post a Comment
Read more

Ten Great DevOps Job Opportunities

DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these challenging economic times is to make it just that much easier for DevOps professionals to advance their careers. Of course, the pool of available DevOps talent is still relatively constrained, so when one DevOps professional takes on a new role, it tends to create opportunities for others. The ten job postings shared this week are selected based on the company looking to hire, the vertical industry segment and naturally, the pay scale being offered. We’re also committed to providing additional insights into the state of the DevOps job market. In the meantime, for your consideration. Greenhouse HERE New York, NY Government DevOps Engineer – USA $145,000 to $185,000 Rocket Lab Littleton, CO DevOps Engineer II/Senior $115,000 to $170,000 Mixpanel Remote, US Software ...
Post a Comment
Read more

From Phishing to Vishing: Why DevSecOps Must Rethink Communication Security

Key Takeaways: Vishing is the new frontline threat: Attackers are shifting from emails to phone-based scams, using AI and social engineering to bypass traditional security controls. DevSecOps must expand its scope: Securing code is no longer enough; communication channels like voice, chat, and messaging must be integrated into threat models and security pipelines. Human and technical defenses must work together: Strong architecture (encryption, authentication, Zero Trust) combined with employee awareness and verification practices is key to stopping modern social engineering attacks. As cybercriminals shift from email to phone lines, security professionals need to expand their scope. As a result, voice phishing or “vishing”, which involves social engineering through telephones or VOIP, is becoming increasingly common alongside traditional email phishing. Recent statistics indicate an exponential rise in vishing cases, which cost people over $1.2 billion in 2023. In this day and ...
Post a Comment
Read more

Shift-Left Performance Testing in CI/CD: A Practical LoadRunner Framework

CI/CD pipelines speed up software delivery, but performance testing is often delayed, resulting in late feedback and costly fixes. Many teams run tests earlier but fail to enforce performance as a deployment gate. This article provides a practical framework for integrating LoadRunner Enterprise into CI/CD pipelines, enabling continuous, automated and enforceable performance validations with early regression detection. The Problem: Shift Left in Theory Vs. Reality Despite the theory, many teams: Run tests only in QA or staging Perform manual reviews without automated enforcement Fail to block deployments when performance thresholds are breached The Real Challenge: It’s not the tools — it’s integration and enforcement. Shift left is effective only when performance is a primary release criterion, not just an earlier activity. Why Early Performance Validation Matters Delayed testing leads to late bottleneck discovery, slow feedback and production incidents. Integrating performan...
Post a Comment
Read more

Akrites: The Latest Attempt to Protect Open-Source From AI Attacks Has Arrived

Akrites, a new Linux Foundation initiative backed by many of the world’s largest tech and financial firms, is the industry’s latest attempt to get ahead of AI‑accelerated software supply chain risks by hardening critical open source projects before attackers can exploit them. On June 25, the Linux Foundation unveiled Akrites , a coordinated industry program designed to find, fix, and responsibly disclose vulnerabilities in open-source software exploited by AI-based attackers. It’s not the first such effort. But Akrites may be the most comprehensive. One such initiative is Chainguard’s Athena coalition , which seeks to repair open-source flaws before attackers can exploit them. Another is IBM and Red Hat’s Project Lightwell , which has similar goals. These two, however, seek to provide safe code and a platform for managing compliance, SBOMs, and governance across heterogeneous open‑source supply chains. Akrites’ mission, on the other hand, is to give the indus...
Post a Comment
Read more

AI Is Exposing a Growing Blind Spot in Open Source Security

With AI, teams across organizations are now building internal applications faster than ever, often pulling in open source libraries and frameworks without much thought about long-term support, lifecycle management, or security ownership. An unintended consequence of this is that unsupported open source software (OSS) is quietly spreading across environments faster than security and engineering teams can keep track of it. Most organizations already struggled with open source visibility before AI-assisted development became mainstream. Now, many are also accumulating technical debt at a much faster rate, creating future maintenance, security, and migration obligations every time new dependencies are introduced. The question is no longer simply how fast organizations can build software with AI. It’s whether they can securely govern and sustainably support the software ecosystems they are creating. Unsupported OSS is Becoming a Major Blind Spot Many organizations already have unsu...
Post a Comment
Read more