Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

BygoneSSL happened to us

A few months ago I wrote about BygoneSSL and the 1.5 million domains with valid certificates owned by someone else. Domains change hands but certificates don’t know. The old owner keeps their private key, and the certificate keeps working. It’s an industry problem, but it turns out it’s our problem too. We purchased certkit.dev for internal development and demos.

Can You Trust AI Code? I Built a Scanner to Find Out

Can you trust the code AI generates? In this video, we build a custom AI Security Benchmarking tool to put models like Gemini, Mistral, and GLM 4.5 to the test. Using Windsurf, OpenRouter, and Snyk, we automate a pipeline that prompts multiple LLMs to write an application, then immediately scans the output for security vulnerabilities.

Bitcoin Mining Without the Garage Setup: How Managed Infrastructure Is Changing Who Can Participate

Bitcoin mining has moved a long way from the "noisy box in a spare room" era. As the network grew and competition intensified, mining became an operations business: power delivery, cooling, monitoring, maintenance, and uptime. For most people, that operational burden, not the idea of mining itself, is what makes participation impractical.

The Digital Fortress: Understanding VDS Servers in the Modern Age

Imagine you are moving into a new apartment. You aren't sharing a single room like in a hostel (Shared Hosting), nor do you own the entire building (Dedicated Server). Instead, you have your own walls, your own front door, and your own utilities. So, let's consider a situation where you need a stable digital home for your business. This is exactly what a Virtual Dedicated Server (VDS) is. It is a portion of a physical server that acts entirely like a separate machine, giving you full control over your resources. While shared hosting splits power among many, VDS reserves it solely for your needs.

How MCP Servers Can Propagate Prompt Injection #mcp #promptinjection #aisecurity

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

How to Prevent Prompt Injection in AI Agents

In agentic architectures, model behavior is guided by a combination of system prompts, retrieved context, and tool-related inputs rather than a single instruction source. When signals conflict or include untrusted instructions, models must infer which inputs to follow. This ambiguity exposes an opening for prompt injection attacks.

I Built a Production-Ready App in 20 Minutes with Claude Opus 4.6

My boss dropped a bombshell at 4:00 PM: build a secure, production-ready app from scratch by tomorrow morning. Instead of panicking, I put Claude Opus 4.6 to the test. In this video, I walk you through the entire end-to-end process of using an AI agent to architect, code, and debug a full-stack application. We’ll look at "Plan Mode," how the AI handles environment errors (like Windows SQLite issues), and most importantly, how we verified the AI's code for security vulnerabilities using Snyk.