Cyber Threats to DevOps Platforms Rising Fast, GitProtect Report Finds
DevOps.com, Wednesday, April 29th, 2026
Software developers, CI/CD pipelines, and the tools they rely on are increasingly becoming attractive targets for threat groups. The number of cyberattacks on code repositories like npm and GitHub continues to mount as threat actors push their supply chain attacks.
Compromising open source packages, fake development tools, and social engineering are among the tactics bad actors use against developers. Researchers with Kaspersky Lab this month wrote that a combination of programmers' unfounded belief that they are good at spotting threats and jobs that require them to often download and run third-party code 'makes them sitting ducks for cyberattackers.'