Source Code Management (SCM) stories

JFrog warns 13 GitHub CI/CD workflow flaws, mostly critical, could let attackers hijack pipelines and steal secrets at scale.

AMD shifts its AI pitch from raw silicon to open software and cloud access as it targets developers and a share of looming trillions.

GitProtect DevOps backup lands on Microsoft Marketplace, giving Azure customers streamlined procurement and deployment for code protection.

GitLab expands its MSP partner programme to deliver agentic AI-powered DevSecOps as a managed service with strict data sovereignty controls.

Datadog warns 87% of organisations run software with exploitable flaws as ageing code, fast releases and automation amplify DevSecOps risk.

Anthropic upgrades Claude Cowork with private plugin marketplaces, richer admin controls and Office-linked workflows for enterprise teams.

Potpie AI secures USD $2.2m pre-seed to build an ontology-first context layer helping AI agents navigate massive enterprise codebases.

Adfinis launches Secretz Enterprise, a flat-fee OpenBao-based secrets service promising up to 50% savings and 24/7 support.

Amplitude has launched autonomous AI analytics agents that watch product usage, flag metric shifts and recommend fixes across popular tools.

Anthropic raises USD $30bn in new backing, lifting the AI group's valuation to USD $380bn as demand for its Claude models surges.

GitHub debuts Agentic Workflows, using AI agents with strict guardrails to automate repo chores while keeping maintainers in control.

Okta warns North Korean operatives are landing remote tech jobs with stolen and synthetic identities to fund the regime and enable cyber attacks.

CodeRabbit launches Issue Planner beta, embedding AI prompt planning into Jira, Linear, GitHub and GitLab to cut failures from unclear briefs.

China-linked Warlock ransomware group exploits SmarterMail flaw for admin takeovers, chaining features to gain full Windows control.

GitLab unveils agentic AI strategy to orchestrate software delivery, adding governance tools, maturity assessments and a developer hackathon.

Bitdefender says 17% of OpenClaw AI skills act maliciously, with crypto-focused tools spreading macOS infostealers into corporate networks.

Anthropic adds Claude plugins to Cowork, fuelling investor fears that agent-style AI could undermine traditional seat-based software.

AvePoint extends its Confidence Platform to tighten agentic AI governance and broaden multi-cloud backup across major SaaS and IaaS tools.

Qodo 2.0 launches multi-agent AI code review to boost trust in autogenerated code, claiming 11% better detection of critical issues.

NeuBird AI's agentic SRE platform autonomously resolved 230,000 alerts in a year, saving 12,000 hours and USD $1.8 million in costs.