Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Hardcoding Security into Every Commit: The Future of Snyk Secrets

Apr 23, 2026 By Kate Powers Burke In Snyk
In the modern software development lifecycle, the speed of innovation is often at odds with the security of our most sensitive data. As organizations embrace cloud-native development and AI-generated code, they face a phenomenon known as “secret sprawl”, aka, the uncontrolled and widespread distribution of API keys, passwords, and tokens across repositories, CI/CD logs, and developer collaboration tools.
Read Post
Snyk

JPMorgan Just Published a Cyber To-Do List and Snyk Covers 8 of the 10 Items. How do you stack up?

Apr 23, 2026 By John Carione In Snyk
JPMorganChase's Global Technology Leadership published "Fortifying the enterprise: 10 actions to take now for AI-ready cyber resilience" on April 17, 2026. It's a CISO mandate for every large enterprise. Snyk directly addresses 8 of those 10 actions — out of the box, in the developer workflow, with one platform.
Read Post

How to scan your code bases using AI for vulnerabilities with Jeff McJunkin

Apr 23, 2026 By LimaCharlie In LimaCharlie
Join us for this week's Defender Fridays as Jeff McJunkin, Founder of Rogue Valley Information Security, walks through how he built an AI-powered pipeline to scan large codebases for real, exploitable vulnerabilities, using the Linux kernel as his proving ground. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
View Video

Unexpected hurdles creating U.S. cyber policies

Apr 23, 2026 By LimaCharlie In LimaCharlie
The early days of U.S. cyber policy were defined by agencies that had no common language and no playbook to follow. J. Michael Daniel, President and CEO of Cyber Threat Alliance and former White House cybersecurity coordinator, talks through what it actually took to coordinate cyber policy across the federal government, build public-private partnerships that work, and stand up an intelligence sharing organization that serves the entire cybersecurity industry.
View Video
nakivo

How to Protect Backups from Ransomware with NAKIVO's Malware Scan

Apr 23, 2026 By NAKIVO Team In NAKIVO
Backups have become a primary target for ransomware. Hackers want to ensure that companies pay the ransom by not allowing them to recover their data independently. With NAKIVO Backup & Replication, you get several features (for example, immutable backup targets) to ensure that once created, a backup cannot be infected or corrupted with a new ransomware infection.
Read Post
gitprotect

How We Prevented a Critical Jira Data Loss Incident (and So Can You)

Apr 23, 2026 By Łukasz Dydek In GitProtect
As daily Jira users, the GitProtect Team experiences the platform’s pros and cons firsthand. A recent notification from Atlassian about data loss was a sharp reminder of digital fragility. Without GitProtect, our enterprise-grade backup solution, the loss could potentially turn into a critical data incident. Let’s see what happened and how we responded.
Read Post
aikido

Is Shai-Hulud Back? Compromised Bitwarden CLI Contains a Self-Propagating npm Worm

Apr 23, 2026 By Ilyas Makari In Aikido
Version 2026.4.0 of the widely-used @bitwarden/cli npm package (78,000 weekly downloads) has been identified as malicious. The package contains a sophisticated multi-stage credential theft worm that explicitly names itself "Shai-Hulud: The Third Coming", a direct callback to previous Shai-Hulud supply chain campaigns, and targets developer credentials including SSH keys, cloud secrets, and even MCP configuration files.
Read Post
Torq

From 24/7 On-Call to Holidays Off: AI SOC Automation Results from Three Security Teams

Apr 23, 2026 By John White In Torq
See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo John White is the Field CISO for EMEA at Torq. A respected security executive with more than 20 years of leadership experience, John previously served as CISO at Virgin Atlantic, where he led a multi-year transformation deploying the Torq AI SOC Platform to modernize cyber operations.
Read Post
teramind

13 Real-life Insider Threat Examples

Apr 23, 2026 By Taran Soodan In Teramind
While many organizations focus on external threat actors, insider threats are a significant risk that can devastate a business from within. Because these individuals have legitimate access to a company’s systems, their actions — whether motivated by financial gain or caused by human error — often bypass security controls. And the problem is only getting worse. According to the Ponemon Institute, insider attacks increased by 47% from 2023-25.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.