The supply chain attack that compromised Aqua Security’s Trivy open source security vulnerability scanner and its associated GitHub Actions earlier this month continues to expand, with software development tools from Checkmarx and LiteLLM being the latest victims of the sophisticated campaign. The threat group behind it, TeamPCP, is using the attacks to create persistence and to steal credentials and sensitive digital keys from organizations. “The TeamPCP stealer’s primary function is harvesting credentials from CI runner memory,” Sysdig threat researchers wrote. “When a compromised Trivy action executes in a workflow, it extracts GitHub personal access tokens (PATs) and other secrets from…
Author: drweb
The pitch is irresistible. An AI agent that investigates your 2 a.m. production incident, correlates signals across dozens of services, cross-references your runbooks and hands you a root-cause analysis before your on-call engineer has finished rubbing their eyes. This is the promise of AI reliability engineering (AIRE), and in 2025, a wave of startups and incumbents are racing to deliver it. What the pitch decks don’t show you is the gap between buying the tool and actually benefiting from it. Most organizations are not ready, and the ones that are discovering this the hard way are doing so at the worst possible time: In the middle of an outage. The AIRE Landscape is Moving…
DevOps has changed fast in the last decade. Scripts became pipelines. Pipelines became platforms. Now, AI agents in DevOps automation are leading the next wave. Today’s cloud systems are complex. Teams manage containers, microservices and hybrid clouds. Manual work slows them down. Traditional automation also struggles with scale. That is why AI agents in DevOps automation are gaining attention. Many organizations now partner with an experienced AI development company to design intelligent systems that support automation at scale. These systems help teams reduce manual effort while improving accuracy. These agents do more than follow rules. They observe systems, learn from data and act on their own. Many teams…
I previously wrote about how the underlying technology for Fabric mirroring changed with SQL Server 2025. The latest version of mirroring that uses the SQL Server Change Feed is reading from the database transaction logs and pushing the data to a landing zone in OneLake. The data is then merged into the Delta tables for the Fabric mirrored database.In this blog post, we will look at how to monitor this process, both in SQL Server and in Fabric. Monitoring in the Fabric PortalThe item page for the mirrored database in the Fabric portal shows replication status for the database overall…
LocalStack at the KubeCon + CloudNativeCon Europe conference this week unveiled a revamped command line interface (CLI), dubbed 1stk, for its framework that enables emulations of Amazon Web Services (AWS) environments to be run on a local machine. The CLI in version 3 of the AWS 2026 edition of the framework, in addition to providing a single binary that is easier to install, also adds a Terminal UI (TUI) that walks developers through steps such as authentication or setting up an AWS profile. Additionally, it offers better log viewing, which is now also turned off by default. At the same…
In this episode, we hear from two sisters who put together a beginner’s book about Python. The unique hook for their book is that one sister wrote the text while the other did the illustrations. Listen in as we learn about these incredible sisters and how they got into software programming, writing, and technical education. You can check out their book, Python Illustrated, on Packt or Amazon. Maaike is an Udemy instructor, and she also has courses on Pluralsight. This episode was originally published on The Python Show!
Last December, the International Telecommunication Union (ITU), the United Nations’ (UN) body for information and communication technologies, supported Open Cybersecurity Schema Framework (OCSF) for ratification as an international standard by June 2026. Standardization is now a global necessity as governments worldwide integrate ITU standards into their national cybersecurity policies. First, What is OCSF? The OCSF provides a standardized approach to streamline security operations, improve threat detection, and accelerate incident response. This unlocks the full potential of security data. A standardized schema for security events normalizes data from various sources, which creates a unified foundation for advanced analytics and AI-powered tools. This standardization is crucial…
A few days ago, I published my proposition of the Claude Code template for a typical Spring Boot application in this GitHub repository. The level of interest in this repository has exceeded my highest expectations. I’ve received a lot of feedback from you, but I’m looking forward to more. Of course, the project itself is still under development. So if you’d like to provide feedback or have ideas for improving it, I encourage you to create issues, pull requests, or visit the “Discussions” panel, which I’ve enabled for this repository. If you’re interested in Java and Spring Boot applications, particularly…
Cardiff, Wales, March 24th, 2026, CyberNewswire Critical Cloud today announced that it has become the world’s first partner to achieve the “Powered by Datadog” accreditation, recognising a managed service model built on Datadog (NASDAQ: DDOG) as its operational foundation across AWS and Azure environments. “Powered by Datadog” is a premier designation awarded to partners who have deeply embedded Datadog into their managed services and demonstrated technical and onboarding excellence. Each partner undergoes formal technical review by Datadog technical teams, validating architecture, onboarding, governance maturity, and live customer implementations. Achieving “Powered by Datadog” requires partners to hold the Certified Datadog Advanced Partner status and…
We wanted to provide you information about a security incident that we became aware of that affects customers who use the Aqua Security Vulnerability scanner (Trivy) across multiple distribution channels including Docker Hub, GitHub, and npm. Between 18:24 UTC on March 19, 2026 and 01:36 UTC on March 23, 2026, Docker Hub customers who pulled the Trivy images with the 0.69.4, 0.69.5, 0.69.6, and latest tags may have had their CI/CD secrets, cloud credentials, SSH keys, and Docker configurations compromised. Around 08:00 UTC on March 23, 2026, Docker worked with Aqua Security to remove these compromised scanner image versions. If…