InfoQ Homepage Security Content on InfoQ
-
Jakarta EE 11 Delivers One New Specification, 16 Updated Specifications and Modernized TCK
Although a full GA release of Jakarta EE 11 was originally planned for July 2024, only the Core Profile and the Web Profile were delivered in December 2024 and April 2025, respectively. And now, the Jakarta EE 11 Platform has been delivered featuring one new specification and a new TCK. Ed Burns, release coordinator for Jakarta EE 11, spoke to InfoQ about the release of Jakarta EE 11.
-
AWS Shield Network Security Director: Network Topology Visibility and Remediation Guidance
Introducing AWS Shield Network Security Director: a game-changer in DDoS protection and network security visibility. This innovative feature automates resource discovery, evaluates configurations against best practices, and prioritizes security findings. With actionable remediation steps and natural language queries via Amazon Q Developer, organizations can enhance their security posture.
-
Docker Launches Hardened Base Images
Docker has launched its Docker Hardened Images (DHI), a security-focused range of base images that reduce vulnerabilities by up to 95%. Built using a distroless approach, these minimal images eliminate unnecessary components, offering automatic patching and compatibility with existing Dockerfiles. Ideal for regulated environments, DHI enhances software supply chain security and transparency.
-
Have I Been Pwned 2.0 Adds New Tools for Data Breach Monitoring
Have I Been Pwned (HIBP) - the widely used data breach notification service created by security expert Troy Hunt, has launched a major front-end redesign in version 2.0, introducing several new features aimed at improving how individuals and organizations monitor breach exposure.
-
SSL/TLS Certificate Lifespans to Shrink to 47 Days by 2029
In a move to enhance internet security, the CA/Browser Forum (CA/B Forum) has approved a proposal to reduce the maximum validity period of SSL/TLS certificates from the current 398 days to just 47 days by March 15, 2029.
-
Meta Open Sources LlamaFirewall for AI Agent Combined Protection
LlamaFirewall is a security framework aimed at safeguarding AI agents against prompt injection, goal misalignment, and insecure code generation. It achieved over 90% efficacy in reducing attack success rates when evaluated on the AgentDojo benchmark. Additionally, developers can update its behavior by adding new security guardrails.
-
DeepMind Researchers Propose Defense against LLM Prompt Injection
To prevent prompt injection attacks when working with untrusted sources, Google DeepMind researchers have proposed CaMeL, a defense layer around LLMs that blocks malicious inputs by extracting the control and data flows from the query. According to their results, CaMeL can neutralize 67% of attacks in the AgentDojo security benchmark.
-
Google Go Module Mirror Served Backdoor for 3+ Years
In February 2025, researchers at Socket uncovered a significant supply chain attack within the Go programming ecosystem. A malicious package, named github.com/boltdb-go/bolt, was discovered impersonating the legitimate and widely-used BoltDB module.
-
Google’s Cybersecurity Model Sec-Gemini Enables SecOps Workflows for Root Cause and Threat Analysis
Google’s new cybersecurity model Sec-Gemini focuses on cybersecurity AI to enable SecOps workflows for root cause analysis (RCA) and threat analysis, and vulnerability impact understanding.
-
How Meta Uses Precision Time Protocol to Handle Leap Seconds
For systems that require strict synchronization—like distributed databases, telemetry pipelines, or event-driven architectures—handling leap seconds incorrectly can lead to data loss, duplication, or inconsistencies. As such, managing leap seconds accurately ensures system reliability and consistency across environments that depend on high-precision time.
-
QCon London 2025: Insights from 20+ Years in Mission-Critical Infrastructure
Matthew Liste, head of infrastructure at American Express, shared insights at QCon London 2025 on building robust cloud platforms in financial services. With 20+ years of experience, he emphasized stability, security, scalability, the value of interchangeable components, and long-term sustainability, urging professionals to maintain focus and foster a strong team culture for platform engineering.
-
GitHub Leverages AI for More Accurate Code Secret Scanning
GitHub has unveiled a groundbreaking AI-driven secret scanning feature within Copilot, enhancing password detection in code while significantly reducing false positives. By leveraging advanced context analysis and collaboration with Microsoft, GitHub ensures robust repository security. Experience a new era of code integrity with precision-driven technology now available for all users.
-
Google Report Reveals How Threat Actors Are Currently Using Generative AI
Google's Threat Intelligence Group (GTIG) recently released a report on the adversarial misuse of generative AI. The team investigated prompts used by advanced persistent threat (APT) and coordinated information operations (IO) actors, finding that they have so far achieved productivity gains but have not yet developed novel capabilities.
-
Google Cloud's AI Protection: a Solution to Securing AI Assets
Google Cloud introduces AI Protection, a solution to safeguard against generative AI threats. Managing AI risks through vulnerability assessments, security policies, and proactive threat management enhances asset protection. Integrating with Google’s Security Command Center offers a centralized view of IT posture and advanced security intelligence for robust AI system defense.
-
Google Enhances Data Privacy with Confidential Federated Analytics
Google has announced Confidential Federated Analytics (CFA), a technique designed to increase transparency in data processing while maintaining privacy. Building on federated analytics, CFA leverages confidential computing to ensure that only predefined and inspectable computations are performed on user data without exposing raw data to servers or engineers.