SD Times

Best practices for CI/CD migration: The GitHub Enterprise example

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
InfoWorld

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an attack researchers nicknamed PromptPwnd. AI agents embedded in CI/CD ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Visual Studio Magazine

Hardening CI/CD: Essential Strategies to Mitigate Security Risks

As DevOps practices mature and Continuous Integration/Continuous Deployment (CI/CD) pipelines become more deeply embedded in the software delivery lifecycle, the ...

Critical AWS supply chain vulnerability could have let hackers take over key GitHub repositories

The vulnerability was spotted in August 2025, so users should patch now.
Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...

CI/CD Pipelines Aren’t Enough: Why Enterprises Need An Identity Led DevSecOps Model

This paradigm shift has been led by Satish Yerram, who has transformed monolithic DevSecOps models into identity anchored ...