Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

jfrog

JFrog & GitHub: Unifying the Software Supply Chain, One Step at a Time... and Our 2025 GitHub Technology Partner Award

Oct 28, 2025 By Paul Garden In JFrog
Organizations increasingly demand platforms that not only accelerate software delivery but also provide trust, security, and traceability. At JFrog, the software supply chain is managed and secured by default, from commit to runtime. That’s why our deep integration with GitHub is central to how we help teams manage, monitor, and secure every step of software delivery. In this post, we’ll explore.
Read Post
jfrog

A Framework for Cloud Resilience: Practical Steps to Harden Your Software Supply Chain

Oct 23, 2025 By Sean Pratt In JFrog
This user quote, captured on Reddit, underscores the real-world consequence of cloud outages: when it happens, the world stops. As your organization scales, you often make strategic decisions to centralize your workloads, whether it’s meeting strict regulatory requirements that demand data locality, or minimizing latency for compute-heavy applications. The true challenge isn’t deciding which cloud vendor to go with; it’s mitigating the risk of a single point of failure.
Read Post
jfrog

JFrog Named as a Visionary in the 2025 Gartner Magic QuadrantTM for Application Security Testing

Oct 22, 2025 By Eyal Dyment In JFrog
We’re excited to announce that Gartner has named JFrog a ‘Visionary’ in the 2025 Magic QuadrantTM for Application Security Testing. We believe this reflects JFrog’s forward thinking strategy of integrating application security seamlessly throughout the entire software development lifecycle in ways that help organizations deliver their most secure, trusted applications without impacting developers’ productivity.
Read Post
jfrog

CVE-2025-6515 Prompt Hijacking Attack - How Session Hijacking Affects MCP Ecosystems

Oct 21, 2025 By Ori Hollander In JFrog
JFrog Security Research recently discovered and disclosed multiple CVEs in oatpp-mcp – the Oat++ framework’s implementation of Anthropic’s Model Context Protocol (MCP) standard. Among these, CVE-2025-6515 stood out due to its potential threat of hijacking MCP session IDs. Within the context of MCP we’ve dubbed this new attack technique “Prompt Hijacking“. Your browser does not support the video tag.
Read Post
jfrog

JFrog AppTrust: A Technical Deep Dive into Building a Trusted Software Supply Chain

Oct 16, 2025 By Jacqueline Basil In JFrog
Software supply chains have grown more complex as software delivery accelerates across more teams, technologies and environments. While the pace of releases continues to increase, the ability to manage these releases has not accelerated correspondingly. Developers and development operations are now firmly in the spotlight, as new regulations demand clear, auditable proof that every stage of the software lifecycle, from coding to production is secure and compliant.
Read Post
jfrog

Don't Guess What to Scan: Runtime Scope Ensures Full Production Coverage

Oct 15, 2025 By Ariel Antoni In JFrog
Are you confident that you’re scanning for security vulnerabilities on all your software running in production? If this question makes you uncomfortable don’t worry. First, you’re not alone. Second – keep reading. Almost all security teams today face a massive challenge: they’re drowning in data but lack direction.
Read Post

Reimagining Trust in Software Releases: A New Approach to Supply Chain Integrity (Part 2)

Oct 6, 2025 By JFrog In JFrog
Only secure, verified, compliant software should reach production. Full stop. With increasing pressure on modern development teams to deliver across security and compliance requirements, a fully-secured, attestable pipeline demands complete visibility and control across the entire release lifecycle in a single solution.
View Video

Reimagining Trust in Software Releases: A New Approach to Supply Chain Integrity (Part 1)

Oct 6, 2025 By JFrog In JFrog
Only secure, verified, compliant software should reach production. Full stop. With increasing pressure on modern development teams to deliver across security and compliance requirements, a fully-secured, attestable pipeline demands complete visibility and control across the entire release lifecycle in a single solution.
View Video

DevSecOps Unlocked: Fortify Your Software Supply Chain

Oct 3, 2025 By JFrog In JFrog
How can you ensure your software supply chain is resilient and prepared for the challenges ahead? In this exclusive session, we’ll reflect on key lessons from 2024 and showcase how JFrog is leading the way in securing DevOps pipelines for 2025 and beyond. Join us for an engaging conversation with industry experts as we uncover real-world insights, explore actionable strategies, and demonstrate innovations designed to safeguard your software delivery lifecycle in an evolving threat landscape.
View Video
jfrog

From Silos to Synergy: Unifying Your Security Tools for a Stronger More Resilient Software Supply Chain

Oct 1, 2025 By Paul Davis In JFrog
In the race to secure today’s ever-expanding attack surface, many companies have made a practice of using a mix of tools to monitor, assess, and remediate threats. This practice has resulted in a fragmented and chaotic landscape of security solutions across several teams, increasing complexity and forcing companies to have a reactive vs. proactive security posture.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.