» Tag
security
8 postsRootless Edge Deployments: Daemonless CI/CD with Podman and Buildah
Mounting a root Docker socket in CI/CD pipelines with hardware access is a major risk. Podman and Buildah's rootless, daemonless design mitigates it.
podmanbuildahcontainerssecurityReal-World gVisor Lessons from Auditing 8,764 MCP Servers
MarketNow shares practical lessons from running gVisor sandboxing in production, backed by real audit results across 8,764 MCP servers.
gvisorfirecrackersandboxingmcpPost-quantum cryptography lands in Python with a single pip install
pyca/cryptography 48 now ships ML-KEM and ML-DSA, bringing NIST-standard post-quantum algorithms to Python. Trail of Bits explains what changes for developers and protocols.
cryptographypythonpost-quantumsecurityMetis: Arm's Open-Source Agentic Security Review Tool
Metis, built by Arm's Product Security Team, is an open-source framework that uses LLM reasoning to find security vulnerabilities across large codebases.
securityaillmstatic-analysisAI Code Audit: 15 Security Flaws Claude Found in Production
An LLM-based security audit uncovered 15 OWASP-classified flaws-SQL/NoSQL injection, IDOR, path traversal-each shown with vulnerable and fixed code.
securityowaspllmcode-reviewResearchers Uncover Git Hash Chain Malleability in Signed Commits
New research shows signed Git commit hashes can be altered while keeping a valid signature and GitHub's Verified badge, undermining commit integrity assumptions.
gitcryptographysupply-chain-securityecdsaPi Agent Rust: A High-Performance AI Coding Agent CLI in Rust
pi_agent_rust is a Rust rewrite of Mario Zechner's Pi Agent, offering a single binary, instant startup, and hardened extension security for terminal AI coding.
rustai-agentscli-toolsdeveloper-toolsLogging Into Higgsfield CLI on a Headless Server: The localhost Trap
Why OAuth PKCE CLI logins fail on headless servers: localhost is per-machine, redirect URIs are allowlisted, and how replaying the callback URL manually solves it.
oauthclidevopsauthentication