Operations | Monitoring | ITSM | DevOps | Cloud

haproxy

Protecting against HTTP/2 Bomb vulnerability (CVE-2026-49975) with HAProxy

Jun 5, 2026 By Ron Northcutt In HAProxy
On June 2, 2026, security researchers disclosed a remote denial-of-service (DoS) exploit named the HTTP/2 Bomb. This flaw allows unauthenticated remote attackers to rapidly exhaust server memory, rendering major web servers inaccessible.
Read Post
4 Best Chainguard Alternatives for Zero-CVE Images in 2026

4 Best Chainguard Alternatives for Zero-CVE Images in 2026

Jun 5, 2026 By OpsMatters In OpsMatters
Chainguard helped make zero-CVE and near-zero-CVE container images a mainstream topic in cloud-native security. For many engineering and security teams, the core appeal is clear: fewer vulnerabilities in base images, smaller attack surfaces, stronger software provenance, and less time wasted chasing noisy vulnerability reports.
Read Post
motadata

Patch Management vs Vulnerability Management: What are Key Differences?

May 29, 2026 By Written by In Motadata
What keeps systems secure in real IT environments, applying fixes quickly or knowing what needs attention first? Most IT teams do not struggle because they lack tools or processes. They struggle because two critical functions are often mixed together. Patch management and vulnerability management. This creates a gap between what is being fixed and what actually needs to be fixed. The challenge is that teams deal with constant alerts, regular updates, and growing security risks.
Read Post

How to Import Microsoft Defender Vulnerabilities into NinjaOne

May 29, 2026 By NinjaOne In NinjaOne
NinjaOne Field CTO, Jeff Hunter, demonstrates how to automate the vulnerability importation from Microsoft 365 into NinjaOne. While this process can be automated using Microsoft Azure Functions or AWS Lambda, for the purposes of this demonstration we will be using an API server. Chapters.
View Video
ivanti

To Up-Level Your Security Maturity, Rethink Your Vulnerability Remediation Capabilities

May 28, 2026 By Chris Goettl In Ivanti
Security teams are drowning in vulnerabilities. We’re talking tens of thousands of findings per quarter. Hundreds of thousands at larger organizations. Today's IT environments have no boundaries and span across every OS platform. Managing and securing that estate in a linear fashion is no longer viable, and neither is a vulnerability remediation process that treats every fix as a simple, low-impact task.
Read Post
haproxy

HAProxy Enterprise WAF protects against Drupal core SA-CORE-2026-004 SQL Injection (CVE-2026-9082)

May 21, 2026 By Jakub Suchy In HAProxy
On May 20th, 2026, the Drupal Security Team published a new advisory disclosing a security vulnerability report in the database driver of the Drupal content management system. The issue affects installations configured to use PostgreSQL as their database, leading to a possible SQL Injection.
Read Post
How Unified Vulnerability Management Improves Security and Reduces Risk

How Unified Vulnerability Management Improves Security and Reduces Risk

May 11, 2026 By OpsMatters In OpsMatters
In today's rapidly changing digital landscape, organizations face an unprecedented level of cyber threats. Vulnerabilities in software, hardware, and network configurations are exploited daily, leading to data breaches, financial losses, and reputational damage. Traditional vulnerability management often struggles to keep pace with the sheer scale and complexity of modern IT environments. This is where unified vulnerability management comes into play. But what is unified vulnerability management, and how does it make a meaningful difference in improving security and reducing risk?
Read Post
Cycle

A New Era of Linux Kernel Vulnerabilities

May 8, 2026 By Alexander Mattoni In Cycle
There have been TWO major kernel vulnerabilities announced this week. Copy-Fail (CVE-2026-31431) was announced on April 30th. Dirty Frag (CVE-2026-43284), also known as 'Copy Fail 2: Electric Boogaloo' announced literally hours ago. Both have already been patched on Cycle, and our users can receive this update simply by restarting their nodes. The Linux patch was released less than an two hours ago, and we're the first to get it to our customers.
Read Post
2029 May Be the Turning Point for the Quantum Computing Threat

2029 May Be the Turning Point for the Quantum Computing Threat

Apr 21, 2026 By OpsMatters In OpsMatters
In recent weeks, Google Research released a whitepaper stating that in the future, a sufficiently powerful quantum computer could potentially break a significant portion of the cryptography currently securing the Bitcoin network. The authors established a remarkably specific timeframe for this to happen: 2029.
Read Post
Balancing DevOps Speed and Cybersecurity: Where Risks Arise

Balancing DevOps Speed and Cybersecurity: Where Risks Arise

Apr 20, 2026 By OpsMatters In OpsMatters
In modern development, speed is one of the primary competitive advantages. Teams release new versions daily, infrastructure is deployed in minutes, and the pipeline from commit to production keeps getting shorter. This creates real business value - but it is also an area where security risks quietly accumulate. The problem is not that DevOps teams ignore security. More often, they are forced to choose between speed and thorough validation. And this choice, made dozens of times each week, gradually builds up security technical debt that sooner or later turns into a real incident.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.