Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Let's Encrypt simulated revoking 3 million certificates. Most ACME clients didn't notice.

On March 19th, Richard Hicks, one of our customers, emailed us about a certificate that had renewed after only a week. It was a 90-day certificate and he had not initiated the renewal. That’s the kind of thing that sends you straight to the logs. We found the answer right away. The certificate’s ARI renewal window had been shortened dramatically.

Securing OpenClaw Access So It Can't Go Rogue

In this video, we demonstrate how to securely grant an AI agent (OpenClaw) access to Teleport-protected Kubernetes resources using Teleport Machine Identity and tbot, without exposing secrets, API keys, or long-lived tokens. You’ll see how Teleport treats AI agents as first-class identities, enforcing strict RBAC controls so the agent can only do what it’s allowed to do, like reading logs, while being blocked from sensitive actions like deleting resources or accessing secrets.

CVE-2026-32922: Critical Privilege Escalation in OpenClaw - What Cloud Security Teams Need to Know

The adoption of personal AI assistants is on the rise everywhere. Developers, power users, and in a few cases, entire teams self-host them to connect messaging apps, automate tasks, and interact with AI models across their infrastructure. But when these self-hosted gateways become compromised, the blast radius can extend far beyond a single user’s chat history.

AI Workload Security on Azure: Evaluating Defender for Cloud Against Specialized Runtime Tools

Your SOC gets a Defender for Cloud alert: “Suspicious API call from AI workload pod.” You click through and find a LIST secrets call against the Kubernetes API server from a pod running your invoice-processing agent on AKS. The pod’s Workload Identity has Contributor access to your key vault. By the time your analyst opens the AKS Security Dashboard, the pod has been rescheduled.

AI Agent Security Framework on AWS EKS: Implementation Guide

You’ve enabled GuardDuty EKS Runtime Monitoring across your clusters. You’ve configured IRSA for your Bedrock-calling agents. CloudTrail is logging every bedrock:InvokeModel event. And last Tuesday, one of your AI agents exfiltrated 12,000 customer records through a sequence of API calls that every one of those tools recorded as completely normal—because at the control plane level, they were.

GitHub Spark vs. Replit - Vibe Code Challenge

We pit GitHub Spark (in public preview) against Replit's AI agent. The challenge? Build a fully functional community forum for DIY tips from a single prompt. We compare design aesthetics, mobile responsiveness, login security, and deployment speed to see which tool creates a truly production-ready application. Which one do you think deserved the win? Let me know in the comments!

Famous Telnyx PyPI Package compromised by TeamPCP

Part 1 covered CanisterWorm, the self-spreading npm worm. Part 2 covered the malicious LiteLLM package and its .pth persistence. This post covers the third wave: a compromised telnyx PyPI package that hides its payload inside audio files and delivers entirely different malware depending on the victim’s operating system.

Trivy/LiteLLM Breach: How to Identify Your Exposure and Contain It - 20-min Live Demo

In this 20-minute live demo with Eric Fourrier (CEO and Founder of GitGuardian), Guillaume Valadon (Staff Cybersecurity Researcher at GitGuardian), & Dwayne McDaniel (Principal Developer Advocate at GitGuardian), you'll see how to determine if your machines were compromised by the ongoing Trivy and LiteLLM supply chain attack (attributed to TeamPCP), then scan for exposed secrets and get moving on remediation - step by step.

Understanding Malicious Packages in Modern Software Supply Chains

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development - using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

The Hidden Costs Of Not Using Cloud Technology

Business owners often stick to familiar routines - even when those habits drain the company bank account. Holding onto physical servers feels safe until the hidden bills for maintenance and repairs start piling up. These expenses act like a slow leak in your budget - slowly draining resources that could go toward growth. Many leaders overlook the subtle drains on their budget when they avoid modern systems. Shifting away from physical setups reveals expenses that were hiding in plain sight for years. Taking the step toward better systems is the only way to protect your long-term profits.