A prompt-injected GitHub issue tricked Cline’s AI triage bot into running attacker code, leading to a compromised npm token and a malicious cline@2.3.0 release. 🧩

Around 4,000 developers unknowingly got OpenClaw installed with broad system access, showing how “AI installs AI” can quietly escalate supply-chain risk. 🛡️

🔗 https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another

#TechNews #Security #SupplyChain #AI #Developers #GitHub #npm #PromptInjection #OpenClaw #Cline #DevOps #DevSecOps #Automation #Privacy #Cybersecurity

Have you ever wanted maven repository auth to be better? I just posted a new blog post on an attempt to do that.

https://arktekk.no/blogs/2026_maven-credential-helper.html

#java #maven #ops #devops #devsecops

It's Push to Production Friday! What could go wrong?

(one of my clients devs are notorious for doing this and breaking things) #DevOps #DevSecOps #PushToProdFriday

ALT

@zaproxy Released add-ons today:

GraphQL ➡️ Fixes the optional integration with the Tech Detection add-on which had been failing.

OpenAPI ➡️ Re-enables Swagger Secret Detector Script Scan Rule, the JS Engine memory leak has been addressed.

#AppSec #DevSecOps #WebAppSec #BugBountyTips

🔐 Security ist kein Last-Minute-Feature.

Wer #SecurityByDesign früh umsetzt, verhindert teure Fixes und Risiken wie im Fall von Subaru – verursacht durch eine Webapplikation mit schwacher Sicherheitsarchitektur.

In seiner aktuellen Kolumne «Schlicht und einfach» zeigt @madmas, wie Shift Left und #DevSecOps helfen, #Security als durchgehende Verantwortung früh im Entwicklungsprozess zu verankern:

👉 https://www.inside-it.ch/schlicht-und-einfach-security-by-design-20251204

#CyberSecurity #SoftwareArchitecture #WeAreKarakun

Anyone using AWS should know what an SCP 🔏 is (imho 😀) Used in the right way, they should help you to 💸 control cost 🧘‍♂️ reduce operational work 👮‍♀‍stay secure. Need a quick explanation or refresher on Service Control Policies? ⬇ https://www.youtube.com/watch?v=vBoLC2oSUPo #AWS #security #devsecops