Tracy Ragan, CEO DeployHub

The CDF Awards are open - Nominate or self-nominate in general CDF categories, and for each project. @cdeliveryfdn.bsky.social Learn more at https://cstu.io/479549

hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far - StepSecurity A week-long automated attack campaign targeted CI/CD pipelines across major open source repositories, achieving remote code execution in at least 4 out of 5 targets. The attacker, an autonomous bot called hackerbot-claw, used 5 different ex...

Check your repos! @openssf published their first security alert, and it is big. hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far - StepSecurity https://share.google/nTL8rigasYgm2FA2b

It was a pleasure chatting with Steve on the topic of vulnerabilities, and how we can cut the constant noise by focusing on addressing the ones that impact our live systems - post deployment. https://www.techleadertalk.com/managing-software-vulnerabilities-tracy-ragan/

AWS's Crosier Talks Accelerating Intelligence With the Space-Based Cloud Clint Crosier explains the evolution of the space-based cloud, and how AWS worked for nearly a decade to solve one of the most important operational challenges of the modern, connected age – getting a firm grasp on big data.

Satellite technology will become our future data centers. Learn about the #Space-Based-Cloud {(urn:li:organization:2382910)[Amazon Web Services (AWS)]} https://cstu.io/b2cf1b

Why “Digital Twins” Matter, and What They Offer to DevSecOps and Platform Engineers Software continues to become more complex and vulnerable, with microservices, Agentic AI, orchestration, infrastructure as code, dynamic configurations, and fluid environments adding to the heap. Keeping track of software security and syste...

Digital Twins in #DevSecOps and #PlatformEngineering can be the future of rapid response to vulnerabilities running in production. #supplychainsecurity #CICD @cdeliveryfdn.bsky.sociald https://cstu.io/99cb03

AWS's Crosier Talks Accelerating Intelligence With the Space-Based Cloud Clint Crosier explains the evolution of the space-based cloud, and how AWS worked for nearly a decade to solve one of the most important operational challenges of the modern, connected age – getting a firm grasp on big data.

Satellite technology will become our future data centers. Learn about the #Space-Based-Cloud {(urn:li:organization:2382910)[Amazon Web Services (AWS)]} https://cstu.io/b2cf1b

AI agents 2026's biggest insider threat: PANW security boss interview: Lock 'em down

If you follow me, you know I've been talking about #AIAgent security A LOT over the last year. Here are points on the topic from Wendi Whitmore, Chief Security Intel Officer @paloaltonetworks.com https://cstu.io/39f4d8

Why “Digital Twins” Matter, and What They Offer to DevSecOps and Platform Engineers Software continues to become more complex and vulnerable, with microservices, Agentic AI, orchestration, infrastructure as code, dynamic configurations, and fluid environments adding to the heap. Keeping track of software security and syste...

Digital Twins in #DevSecOps and #PlatformEngineering can be the future of rapid response to vulnerabilities running in production. #supplychainsecurity #CICD @cdeliveryfdn.bsky.sociald https://cstu.io/99cb03

Personal Details of Thousands of Border Patrol and ICE Goons Allegedly Leaked in Huge Data Breach A DHS whistleblower appears to have exposed data on federal immigration workers after the shooting of Renee Good.

Well, this does not surprise me. https://cstu.io/d45371

New Cybersecurity Rules for Pentagon’s Satellite Vendors The Pentagon recently issued new rules on cybersecurity measures that commercial satellite operators must employ.

I think the Pentagon may have heard our DeployHub pitch - their new rules include: Implement security patch management for on-board and ground segment software, yes, Post-Deployment detection required #cybersecurity #satelliteoperators https://cstu.io/181ecd

Why “Digital Twins” Matter, and What They Offer to DevSecOps and Platform Engineers Software continues to become more complex and vulnerable, with microservices, Agentic AI, orchestration, infrastructure as code, dynamic configurations, and fluid environments adding to the heap. Keeping track of software security and syste...

Digital Twins in #DevSecOps and #PlatformEngineering can be the future of rapid response to vulnerabilities running in production. #supplychainsecurity #CICD @cdeliveryfdn.bsky.sociald https://cstu.io/99cb03

AI agents 2026's biggest insider threat: PANW security boss interview: Lock 'em down

If you follow me, you know I've been talking about #AIAgent security A LOT over the last year. Here are points on the topic from Wendi Whitmore, Chief Security Intel Officer @paloaltonetworks.com https://cstu.io/39f4d8

AWS's Crosier Talks Accelerating Intelligence With the Space-Based Cloud Clint Crosier explains the evolution of the space-based cloud, and how AWS worked for nearly a decade to solve one of the most important operational challenges of the modern, connected age – getting a firm grasp on big data.

Satellite technology will become our future data centers. Learn about the #Space-Based-Cloud {(urn:li:organization:2382910)[Amazon Web Services (AWS)]} https://cstu.io/b2cf1b

cdCon Finalist in 2025 DevOps Dozen Award - CD Foundation cdCon is a finalist in the 2025 DevOps Dozen Awards for Best DevOps Event of the Year!

Vote for #CDCon for DevOps Dozen Award - show them some love. {(urn:li:organization:19100461)[Continuous Delivery Foundation]} https://cstu.io/b54cf8

Ortelius is asking for some GitHub stars from Santa. You can help by visiting the Ortelius GitHub repo and giving it a star. https://cstu.io/237edb

Ortelius is asking for some GitHub stars from Santa. You can help by visiting the Ortelius GitHub repo and giving it a star. https://cstu.io/237edb

Attack Surface Visibility for Open-Source Software Security Enhance your security with Attack Surface Visibility to identify vulnerabilities in open-source packages and deployed environments.

For addressing high-risk and critical #CVEs the most important information is your attack surface. #softwaresupplychain #cybersecurity #devsecops https://cstu.io/8f8cdb

Ortelius is asking for some GitHub stars from Santa. You can help by visiting the Ortelius GitHub repo and giving it a star. https://cstu.io/237edb

cdCon Finalist in 2025 DevOps Dozen Award - CD Foundation cdCon is a finalist in the 2025 DevOps Dozen Awards for Best DevOps Event of the Year!

Vote for #CDCon for DevOps Dozen Award - show them some love. {(urn:li:organization:19100461)[Continuous Delivery Foundation]} https://cstu.io/b54cf8

Ortelius is asking for some GitHub stars from Santa. You can help by visiting the Ortelius GitHub repo and giving it a star. https://cstu.io/237edb

cdCon Finalist in 2025 DevOps Dozen Award - CD Foundation cdCon is a finalist in the 2025 DevOps Dozen Awards for Best DevOps Event of the Year!

Vote for #CDCon for DevOps Dozen Award - show them some love. {(urn:li:organization:19100461)[Continuous Delivery Foundation]} https://cstu.io/b54cf8

Ortelius is asking for some GitHub stars from Santa. You can help by visiting the Ortelius GitHub repo and giving it a star. https://cstu.io/237edb

Shai-Hulud 2.0: Aggressive & Automated, One Of Fastest Spreading NPM Supply Chain Attacks Ever Observed Shai-Hulud 2.0 is an aggressive, automated NPM supply chain attack. Get the full analysis on credential theft, GitHub backdoors, and IOCs.

"You gotta watch out for the sandworms" - a really bad #softwaresupplychian attack. Wave 2 of #Shai-Hulud https://cstu.io/700f03

New Cybersecurity Rules for Pentagon’s Satellite Vendors The Pentagon recently issued new rules on cybersecurity measures that commercial satellite operators must employ.

I think the Pentagon may have heard our DeployHub pitch - their new rules include: Implement security patch management for on-board and ground segment software, yes, Post-Deployment detection required #cybersecurity #satelliteoperators https://cstu.io/181ecd

Attack Surface Visibility for Open-Source Software Security Enhance your security with Attack Surface Visibility to identify vulnerabilities in open-source packages and deployed environments.

For addressing high-risk and critical #CVEs the most important information is your attack surface. #softwaresupplychain #cybersecurity #devsecops https://cstu.io/8f8cdb

CISA, eyeing China, plans hiring spree to rebuild its depleted ranks The agency will also change some of its workforce policies to avoid driving away talented staff.

It is a shame they gutted CISA in the first place - might be hard to bring that expertise back. CISA hiring in 2026. https://cstu.io/e4a7b5

cdCon Finalist in 2025 DevOps Dozen Award - CD Foundation cdCon is a finalist in the 2025 DevOps Dozen Awards for Best DevOps Event of the Year!

Vote for #CDCon for DevOps Dozen Award - show them some love. {(urn:li:organization:19100461)[Continuous Delivery Foundation]} https://cstu.io/b54cf8

Attack Surface Visibility for Open-Source Software Security Enhance your security with Attack Surface Visibility to identify vulnerabilities in open-source packages and deployed environments.

For addressing high-risk and critical #CVEs the most important information is your attack surface. #softwaresupplychain #cybersecurity #devsecops https://cstu.io/8f8cdb

Understand what is missing in your security stack - a defensive post-deployment approach, pinpointing what #CVEs are impacting live systems now. https://cstu.io/0f65d5

cdCon Finalist in 2025 DevOps Dozen Award - CD Foundation cdCon is a finalist in the 2025 DevOps Dozen Awards for Best DevOps Event of the Year!

Vote for #CDCon for DevOps Dozen Award - show them some love. {(urn:li:organization:19100461)[Continuous Delivery Foundation]} https://cstu.io/b54cf8