DEVSECOPS

30 days · UTC

LIVE_DATA_STREAM // APRIL_14_2026

Synchronizing with global intelligence nodes...

DENSITY_RATIO: MAX

ANTHROPIC LAUNCHES PROJECT GLASSWING AND RESTRICTS CLAUDE MYTHOS PREVIEW TO HARDEN CRITICAL SOFTWARE

Anthropic launched Project Glasswing and a restricted Claude Mythos Preview, a model that reportedly finds thousands of serious software vulnerabiliti...

OPENAI

MAR_31 // 09:39

Codex command injection let attackers steal GitHub tokens; fixes shipped—teams should rotate and harden now

BeyondTrust disclosed a command injection in OpenAI Codex that could steal GitHub tokens; OpenAI hotfixed it and hardened defenses by late January. A...

LANGCHAIN

MAR_28 // 07:27

AI Dev Security Wake-Up: LangChain Issues, Betterleaks Scanner, and Enclave’s Oversight Launch

Reports of LangChain security issues land alongside new secrets tooling and a security-review startup focused on AI-era code and data flows. TechRada...

AI-TESTING

MAR_18 // 07:37

AI lands across the DevOps stack: Sauce Labs tests, Harness security, and Java 26

AI is moving from hype to plumbing in DevOps, landing in testing, security, and even Java’s core runtime. [Sauce Labs released an AI agent for genera...

THE-NEW-STACK

MAR_12 // 07:47

AI coding is jamming security queues because process, not tooling, is missing

A New Stack article argues two process failures with AI-generated code are clogging security review pipelines and slowing releases. The piece from Th...

OPENAI

MAR_06 // 10:28

OpenAI vs GitHub: enterprise push and rising lock‑in risk

OpenAI’s enterprise push and a reported GitHub rival raise new lock-in and architecture questions for teams adopting AI across the SDLC. OpenAI is re...

AURI

MAR_04 // 20:52

Endor Labs launches AURI: free security layer for AI coding agents

Endor Labs launched AURI, a free security intelligence layer for AI coding agents that scans code and dependencies, blocks malware, and helps fix bugs...

CLAWDBOT

JAN_27 // 11:01

CLAWDBOT CAN BUILD YOUR APP FAST—SECURE IT FASTER

Open-source agent ClawdBot can autonomously plan, code, test, and "self-heal" full web apps from a single prompt using Anthropic’s Claude 3 Opus and a...

AI-CODING-ASSISTANTS

CRITICAL_LEVEL // JAN_27 // 11:01

HARDEN AI CODING ASSISTANTS IN DEV ENVIRONMENTS WITH A 3‑PILLAR FRAMEWORK

AI assistants now sit in the hot path of your code, configs, and credentials—yet most EDR misses their API traffic; this framework focuses on Permissi...

GITHUB-COPILOT

JAN_27 // 09:56

3-pillar hardening for AI coding assistants in dev environments

AI assistants like Copilot, Claude Code, Cursor, and Gemini in VS Code have deep access to code, configs, and creds; a practical [hardening framework]...

GITLAB

DEC_26 // 06:31

GitLab.com rolling releases: monitor what's live now

GitLab maintains a continuously updated 'Available now on GitLab' page that lists what is currently deployed to GitLab.com. Use it to track features, ...

MCP

DEC_23 // 13:35

MCP in production: streamable HTTP, explicit /mcp endpoints, and security traps

A deep-dive guide outlines how to move MCP servers beyond local stdio to Streamable HTTP (SSE under the hood), including the need to target explicit /...