Everything posted by reporter
-
Rovo Dev agent, now available in the CLI
Following the unveiling of our new Rovo Dev Agent at Team ’25 in April, we’re excited to bring it to the command line, an essential tool in many developers’ daily workflows. This significant milestone introduces an agentic AI coding experience designed with enterprises in mind. With Rovo Dev CLI, part of Rovo Dev, your command line becomes an intelligent development agent that understands, codes, and collaborates with you, seamlessly integrated into your Atlassian workflow.

Want to try it out? Download Rovo Dev CLI here.

Unleash agentic AI in your terminal

Rovo Dev in the CLI is crafted for developers who thrive in the terminal environment. It transforms into an intelligent AI partner that understands, codes, and integrates seamlessly with your existing tools. It addresses key challenges faced by software engineers through:

Code understanding and navigation: Gain insights into your codebase, generate documentation, and receive code explanations without leaving your terminal.
Development acceleration: Speed up your development cycle with AI-assisted code completion, intelligent refactoring suggestions, automated testing, and interactive debugging.
Atlassian ecosystem: Seamlessly work with Jira issues, update Confluence documentation, and manage your development tasks directly from the terminal – no more context switching between tools.
Security and administration: Implement robust permission controls and protocols while efficiently tracking resource utilization and managing user access through role-based permissions. Maintain comprehensive usage monitoring and cost management.
Extensibility and customization: Configure tool permissions, optimize your workflow, and extend functionality by connecting your MCP server to match your team’s specific needs.

Raising the bar – Scoring #1 on SWE-bench

Rovo Dev CLI achieves the highest score on the SWE-bench full benchmark leaderboard, reaching 41.98% resolve rate across 2,294 tasks in the full dataset, surpassing all other submissions. Maintained by researchers at Princeton and Stanford, SWE-bench is the leading benchmark for evaluating AI agents on real-world issue resolution, testing their ability to make context-aware code edits across open-source projects. This officially published score positions Atlassian at #1 on the leaderboard, demonstrating our leadership in practical AI applications for software development and underscoring Rovo Dev’s advanced capabilities in real-world code understanding and automated problem solving. See the full leaderboard here.

How teams are using Rovo Dev CLI

Teams using Rovo Dev CLI have quickly made it part of their daily workflow. Engineers rely on it to stay focused by offloading routine tasks like code navigation, feature implementation, and documentation generation. The agent helps developers understand new codebases, implement features with web-integrated research via MCP servers, and assist in complex code migrations, all without leaving the terminal environment. By eliminating the need to switch between different tools and interfaces, Rovo Dev helps development teams stay in their flow state while working on what matters most.

Let’s explore how Rovo Dev brings intelligent assistance to your terminal through real-world development scenarios:

Explore and understand your codebase

Understanding your codebase is the first step to productive development. Watch as Rovo Dev analyzes entire repositories in seconds, answering natural language questions about code structure and technical implementations to help developers quickly navigate complex projects.

Connect to Jira, Confluence, and Bitbucket

See how you can connect MCP servers to Rovo Dev. In this example, we connect with Jira, Confluence, and Bitbucket to complete a work item end-to-end. From retrieving web data to updating the codebase, all in the terminal, with zero manual coding. And, if you’re using Jira with GitHub, we’ve got you covered, too.

Adaptive memory system

Rovo Dev’s intelligence grows with your project through its memory system. Watch how it uses memory files to retain project knowledge and adapt its behavior – you can even customize its personality to match your team’s style!

Code migration assistance

Finally, witness how Rovo Dev helps to tackle larger challenges like codebase migrations. Through structured analysis and step-by-step execution, it helps manage complex transitions while keeping developers in control of the process.

These demonstrations showcase just a few ways Rovo Dev can enhance your development workflow. Whether you’re exploring new codebases, implementing features, or managing large-scale changes, Rovo Dev serves as your intelligent partner in the terminal.

Join the future of development

Rovo Dev is your context-aware AI teammate for the entire software development lifecycle. Powered by Atlassian’s Teamwork Graph, Rovo Dev understands your company, your projects, and your goals, and connects the dots across Jira, Confluence, Bitbucket, Compass, and more.

Rovo Dev in the CLI is the first enterprise-ready agent experience available in your terminal, designed to enhance productivity and streamline your software development process. We invite you to download Rovo Dev in the CLI and learn more about additional Rovo Dev capabilities. Your feedback will be invaluable in helping us refine and enhance this powerful tool.

Welcome to the era of intelligent development on the command line!

Get started with Rovo Dev CLI

The post Rovo Dev agent, now available in the CLI appeared first on Work Life by Atlassian.

View the full article
-
The Rising Importance of Governance at SwampUP Berlin 2025
On November 12-14, the Docker team was out in numbers at JFrog SwampUP Berlin 2025. We joined technical sessions, put on a fireside chat, and had conversations with attendees there. We’d like to thank the folks at JFrog for having us there and putting on such a great show! Here are our takeaways from the event about software supply chain security trends:

Software supply chain attacks reach unprecedented scale leveraging open source packages

An analysis of recent software supply chain attacks by JFrog’s CTO Asaf Karas shed light on how malicious actors leverage AI and software supply chains in their exploits. Recent attacks combine existing techniques, like phishing, with AI prompts that recursively write and execute code in order to compromise hundreds of thousands of systems running popular open source packages. A few examples include Shai Hulud, Red Donkey, and the recent NPM package phishing attack. So far, despite these attacks’ scale, damages have been limited due to the still rudimentary nature of these exploits. Expect more software supply chain attacks as well as more sophistication in the coming year.

New Roles of Governance as a Security Layer

The best way to avoid software supply chain attacks is to not have malicious code entering software supply chains in the first place. That’s where governance comes into play. Taking control of gate points during the software development lifecycle, for example during dependency scanning, build pipelines, and deployments, is not enough. It is necessary to block malicious or risky code before it enters the software supply chain. Not only that, but tools also need increased interoperability to detect all potential attack vectors.

Addressing MCP Challenges in AI Development

MCP’s ability to leverage both deterministic and non-deterministic outcomes by connecting an LLM client to many different servers seems to be the main reason companies are betting on the technology to build applications that deliver value to customers. Moreover, because each server can run independently from one another, it becomes possible to add governance layers on MCP servers, reducing risks of hallucination or unexpected results. Overall, we agree with JFrog’s assessment and look forward to opportunities where Docker and JFrog MCP technologies can work together for a safer and smoother enterprise AI developer experience.

Building on Strong Open Source Foundations Is Core in the AI Era

The fireside chat between Gal Marder, JFrog’s Chief Strategy Officer, and Michael Donovan, Docker’s VP of Product, explored how organizations can protect themselves from risks in unverified open source dependencies. They emphasized the importance of starting with strong foundations: using hardened images, maintaining them throughout their lifecycle, including those that have reached end of life, and ensuring visibility and governance across every stage. Strong third-party integrations are essential to manage this complexity effectively and extend security and trust from development to delivery.

Conclusion: Build strong foundations, keep it consistent, stay ahead

Software development is changing fast as AI becomes part of everyone’s workflow, developers and attackers alike. The best way to stay ahead is to build protection early by starting with strong foundations and keep it consistent across every stage with governance, visibility, and strong partnerships. Only then can teams innovate with confidence and speed as the landscape evolves. Exciting times!

Learn more

Subscribe to the Docker Navigator Newsletter
Explore the MCP Catalog: Discover containerized, security-hardened MCP servers
Explore the DHI Catalog: Discover secure, minimal, production-ready container images
Docker Partner Programs: Discover trusted partners, tools, and integrations
New to Docker? Create an account
Have questions? The Docker community is here to help

View the full article
-
How Docker Hardened Images Patches Vulnerabilities in 24 hours
On November 19, 2025, the Golang project published two Common Vulnerabilities and Exposures (CVEs) affecting the widely-used golang.org/x/crypto/ssh package. While neither vulnerability received a critical CVSS score, both presented real risks to applications using SSH functionality in Go-based containers.

CVE-2025-58181 affects SSH servers parsing GSSAPI authentication requests. The vulnerability allows attackers to trigger unbounded memory consumption by exploiting the server’s failure to validate the number of mechanisms specified in authentication requests.

CVE-2025-47914 impacts SSH Agent servers that fail to validate message sizes when processing identity requests, potentially causing system panics when malformed messages arrive.

(These two vulnerabilities came just days after CVE-2025-47913, a high-severity vulnerability affecting the same Golang component that Docker also quickly patched.)

For teams running Go applications with SSH functionality in their containers, leaving these vulnerabilities unpatched creates exposure to denial-of-service attacks and potential system instability.

How Docker achieves lightning fast vulnerability response

When these CVEs hit the Golang project’s security feed, Docker Hardened Images customers had patched versions available in less than 24 hours. This rapid response stems from Docker Scout’s continuous monitoring architecture and DHI’s automated remediation pipeline. Here’s how it works:

Continuous CVE ingestion: Unlike vulnerability scanning that runs on batch schedules, Docker Scout continuously ingests CVE information from upstream sources including GitHub security advisories, the National Vulnerability Database, and project-specific feeds. The moment CVE data becomes available, Scout begins analysis.

Instant impact assessment: Within seconds of CVE ingestion, Scout identifies which Docker Hardened Images are affected based on Scout’s comprehensive SBOM database. This immediate notification allows the remediation process to start without delay.

Automated patching workflow: Depending on the vulnerability and package, Docker either patches automatically or triggers a manual review process for complex changes. For these Golang SSH vulnerabilities, the team initiated builds immediately after upstream patches became available.

Cascading builds: Once the patched Golang package builds successfully, the system automatically triggers rebuilds of all dependent packages and images. Every Docker Hardened Image containing the affected golang.org/x/crypto/ssh package gets rebuilt with the security fix.

The entire process, from CVE disclosure to patched images available to customers, was completed in under 24 hours. Customers using Docker Scout received immediate notifications about the vulnerabilities and the availability of patched versions.

Why Docker’s Security Response Is Different

One of Docker’s key differentiators is its continuous, real-time monitoring, rather than periodic batch scanning. Traditional vulnerability management relies on daily or weekly scans, leaving containers exposed to known vulnerabilities for hours or even days.

With Docker Scout’s real-time CVE ingestion, detection starts the moment a vulnerability is published, enabling remediation within seconds and minimizing exposure.

This foundation powers Docker Hardened Images (DHI), where packages and dependencies are continuously tracked and automatically updated when issues arise. For example, when vulnerabilities were found in the golang.org/x/crypto library, all affected images were rebuilt and released within a day. Customers simply pull the latest tags to stay secure, no manual patching, emergency maintenance, or impact triage required.

But continuous monitoring is just the foundation. What truly sets Docker apart is how that real-time intelligence flows into an automated, transparent, and trusted remediation pipeline, built on over a decade of experience securing and maintaining the Docker Official Images program. These are the same images trusted and used by millions of developers and organizations worldwide, forming the foundation of countless production environments. That long-standing operational experience in continuously maintaining, rebuilding, and distributing secure images at global scale gives Docker a proven track record in delivering reliability, consistency, and trust few others can match.

Beyond automation, Docker’s AI guardrails add yet another layer of protection. Purpose-built for the Hardened Images pipeline, these AI systems continuously analyze upstream code changes, flag risky patterns, and prevent flawed dependencies from entering the supply chain. Unlike standard coding assistants, Docker’s AI guardrails are informed by manual, project-specific reviews, blending human expertise with adaptive intelligence. When the system detects a high-confidence issue such as an inverted error check, ignored failure, or resource mismanagement, it halts the release until a Docker engineer verifies and applies the fix. This human-in-the-loop model ensures vulnerabilities are caught long before they can reach customers, turning AI into a force multiplier for safety, not a replacement for human judgment.

Another critical differentiator is complete transparency. Consider what happens when a security scanner still flags a vulnerability even after you’ve pulled a patched image. With DHI, every image includes a comprehensive and accurate Software Bill of Materials (SBOM) that provides definitive visibility into what’s actually inside your container. When a scanner reports a supposedly remediated image as vulnerable, teams can verify the exact package versions and patch status directly from the SBOM instead of relying on scanner heuristics.

This transparency also extends to how Docker Scout handles CVE data. Docker relies entirely on independent, third-party sources for vulnerability decisions and prioritization, including the National Vulnerability Database (NVD), GitHub Security Advisories, and upstream project maintainers. This approach is essential because traditional scanners often depend on pattern matching and heuristics that can produce false positives. They may miss vendor-specific patches, overlook backported fixes, or flag vulnerabilities that have already been remediated due to database lag. In some cases, even vendor-recommended scanners fail to detect unpatched vulnerabilities, creating a false sense of security.

Without an accurate SBOM and objective CVE data, teams waste valuable time chasing phantom vulnerabilities or debating false positives with compliance auditors. Docker’s approach eliminates that uncertainty. Because the SBOM is generated directly from the build process, not inferred after the fact, it provides definitive evidence of what’s inside each image and why certain CVEs do or don’t apply. This transforms vulnerability management from guesswork and debate into objective, verifiable security assurance, backed by transparent, third-party data.

CVEs don’t have to disrupt your week

Managing vulnerabilities consumes significant engineering time. When critical CVEs drop, teams rush to assess impact, test patches, and coordinate deployments. Docker Hardened Images eliminate this overhead by continuously updating base images with complete transparency into their contents with rapid turnarounds to reduce your exposure window.

If you’re tired of vulnerability whack-a-mole disrupting your team’s roadmap, Docker Hardened Images offers a better path forward. Learn more about how Docker Scout and Hardened Images can reduce your vulnerability management burden, or contact our team to discuss your specific security requirements.

View the full article
-
18 church leaders arrested in China as part of crackdown
Christians in China have long faced harassment from the authorities. View the full article
-
Less than half of American adults say religion is important - study
Despite less than half of Americans ranking religion as an important part of their daily life, America is still more devout when it comes to religion than its economic peers, such as the United Kingdom or Germany, new data from Gallup shows. View the full article
-
Report shows huge contribution of faith communities to Welsh society
The Evangelical Alliance has produced a report showing the impact that faith communities are having in Wales. View the full article
-
Church historian highlights challenges and opportunities for evangelicalism in a changing world
A leading church historian has warned that the public image of evangelicals is being distorted by US politics, even as the movement experiences rapid growth and renewed vitality across the Global South. View the full article
-
Mozilla Says It’s Finally Done With Two-Faced Onerep
In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox web browser that promises to remove users from hundreds of people-search sites — after KrebsOnSecurity revealed Onerep’s founder had created dozens of people-search services and was continuing to operate at least one of them. Sixteen months later, however, Mozilla is still promoting Onerep. This week, Mozilla announced its partnership with Onerep will officially end next month.

Mozilla Monitor. Image: Mozilla Monitor Plus video on Youtube.

In a statement published Tuesday, Mozilla said it will soon discontinue Monitor Plus, which offered data broker site scans and automated personal data removal from Onerep.

“We will continue to offer our free Monitor data breach service, which is integrated into Firefox’s credential manager, and we are focused on integrating more of our privacy and security experiences in Firefox, including our VPN, for free,” the advisory reads.

Mozilla said current Monitor Plus subscribers will retain full access through the wind-down period, which ends on Dec. 17, 2025. After that, those subscribers will automatically receive a prorated refund for the unused portion of their subscription.

“We explored several options to keep Monitor Plus going, but our high standards for vendors, and the realities of the data broker ecosystem made it challenging to consistently deliver the level of value and reliability we expect for our users,” Mozilla’s statement reads.

On March 14, 2024, KrebsOnSecurity published an investigation showing that Onerep’s Belarusian CEO and founder Dimitiri Shelest launched dozens of people-search services since 2010, including a still-active data broker called Nuwber that sells background reports on people. Shelest released a lengthy statement wherein he acknowledged maintaining an ownership stake in Nuwber, a data broker he founded in 2015 — around the same time he launched Onerep.
View the full article
-
Rapper Nicki Minaj speaks up for Nigeria's Christians amid relentless attacks
“In Nigeria, Christians are being targeted, driven from their homes and killed,” she said. View the full article
-
Marriage Foundation warns decline in weddings reflects lingering impact of Covid lockdowns
The Marriage Foundation has voiced concern over newly released figures from the Office for National Statistics (ONS), which show a 9% fall in heterosexual marriages in England and Wales during 2023. View the full article
-
Scottish assisted dying Bill faces scrutiny from MSPs and medical groups
A contentious assisted dying bill being considered by Holyrood is facing mounting opposition as MSPs voice significant concerns about patient safety, human rights compliance, and supposed safeguards. View the full article
-
Three attacks in three days against Christians in Nigeria
Christmas is coming, and with it the possibility of more massacres. View the full article
-
Who was St Edmund the Martyr and why do we remember him?
20 November is St Edmund’s Day, celebrating the king and martyr who was once the patron saint of England. This is his story. View the full article
-
UK Supreme Court rules Religious Education in Northern Ireland unlawful
The UK Supreme Court has ruled that the current approach to Religious Education and collective worship in Northern Ireland schools breaches human rights and is unlawful. View the full article
-
The Cloudflare Outage May Be a Security Roadmap
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform temporarily so that visitors could still access their websites. But security experts say doing so may have also triggered an impromptu network penetration test for organizations that have come to rely on Cloudflare to block many types of abusive and malicious traffic.

At around 6:30 EST/11:30 UTC on Nov. 18, Cloudflare’s status page acknowledged the company was experiencing “an internal service degradation.” After several hours of Cloudflare services coming back up and failing again, many websites behind Cloudflare found they could not migrate away from using the company’s services because the Cloudflare portal was unreachable and/or because they also were getting their domain name system (DNS) services from Cloudflare.

However, some customers did manage to pivot their domains away from Cloudflare during the outage. And many of those organizations probably need to take a closer look at their web application firewall (WAF) logs during that time, said Aaron Turner, a faculty member at IANS Research.

Turner said Cloudflare’s WAF does a good job filtering out malicious traffic that matches any one of the top ten types of application-layer attacks, including credential stuffing, cross-site scripting, SQL injection, bot attacks and API abuse. But he said this outage might be a good opportunity for Cloudflare customers to better understand how their own app and website defenses may be failing without Cloudflare’s help.

“Your developers could have been lazy in the past for SQL injection because Cloudflare stopped that stuff at the edge,” Turner said. “Maybe you didn’t have the best security QA [quality assurance] for certain things because Cloudflare was the control layer to compensate for that.”

Turner said one company he’s working with saw a huge increase in log volume and they are still trying to figure out what was “legit malicious” versus just noise.

“It looks like there was about an eight hour window when several high-profile sites decided to bypass Cloudflare for the sake of availability,” Turner said. “Many companies have essentially relied on Cloudflare for the OWASP Top Ten [web application vulnerabilities] and a whole range of bot blocking. How much badness could have happened in that window? Any organization that made that decision needs to look closely at any exposed infrastructure to see if they have someone persisting after they’ve switched back to Cloudflare protections.”

Turner said some cybercrime groups likely noticed when an online merchant they normally stalk stopped using Cloudflare’s services during the outage.

“Let’s say you were an attacker, trying to grind your way into a target, but you felt that Cloudflare was in the way in the past,” he said. “Then you see through DNS changes that the target has eliminated Cloudflare from their web stack due to the outage. You’re now going to launch a whole bunch of new attacks because the protective layer is no longer in place.”

Nicole Scott, senior product marketing manager at the McLean, Va.-based Replica Cyber, called yesterday’s outage “a free tabletop exercise, whether you meant to run one or not.”

“That few-hour window was a live stress test of how your organization routes around its own control plane and shadow IT blossoms under the sunlamp of time pressure,” Scott said in a post on LinkedIn. “Yes, look at the traffic that hit you while protections were weakened. But also look hard at the behavior inside your org.”

Scott said organizations seeking security insights from the Cloudflare outage should ask themselves:

1. What was turned off or bypassed (WAF, bot protections, geo blocks), and for how long?
2. What emergency DNS or routing changes were made, and who approved them?
3. Did people shift work to personal devices, home Wi-Fi, or unsanctioned Software-as-a-Service providers to get around the outage?
4. Did anyone stand up new services, tunnels, or vendor accounts “just for now”?
5. Is there a plan to unwind those changes, or are they now permanent workarounds?
6. For the next incident, what’s the intentional fallback plan, instead of decentralized improvisation?

In a postmortem published Tuesday evening, Cloudflare said the disruption was not caused, directly or indirectly, by a cyberattack or malicious activity of any kind.

“Instead, it was triggered by a change to one of our database systems’ permissions which caused the database to output multiple entries into a ‘feature file’ used by our Bot Management system,” Cloudflare CEO Matthew Prince wrote. “That feature file, in turn, doubled in size. The larger-than-expected feature file was then propagated to all the machines that make up our network.”

Cloudflare estimates that roughly 20 percent of websites use its services, and with much of the modern web relying heavily on a handful of other cloud providers including AWS and Azure, even a brief outage at one of these platforms can create a single point of failure for many organizations.

Martin Greenfield, CEO at the IT consultancy Quod Orbis, said Tuesday’s outage was another reminder that many organizations may be putting too many of their eggs in one basket.

“There are several practical and overdue fixes,” Greenfield advised. “Split your estate. Spread WAF and DDoS protection across multiple zones. Use multi-vendor DNS. Segment applications so a single provider outage doesn’t cascade. And continuously monitor controls to detect single-vendor dependency.”

View the full article
-
Who was Hilda of Whitby and why is she important?
19 November is the day when Anglicans remember St Hilda of Whitby. She was a powerful and important woman in the history of the English Church. This is her story. View the full article
-
Over 2,000 anti-Christian hate crimes reported across Europe in 2024 - report
Despite a slight drop in overall numbers, the attacks are becoming more violent in nature, a new report has warned. View the full article
-
Cultivating the fruits of the Spirit: Goodness that embodies righteousness and truth
We have reached goodness in our journey through the fruits of the Holy Spirit (Galatians 5:22-23) - a virtue often spoken of but less often understood. View the full article
-
License to Encrypt: “The Gentlemen” Make Their Move
Cybereason Threat Intelligence Team recently conducted an analysis of "The Gentlemen" ransomware group, which emerged around July 2025 as a ransomware threat actor group with relatively advanced methodologies. The Gentlemen group employs a dual-extortion strategy, not only encrypting sensitive files but also exfiltrating critical business data and threatening to publish it on dark web leak sites unless a ransom is paid. The group has demonstrated a unique approach by combining established ransomware techniques with newer strategies, which lets them adapt quickly to new attack vectors and remain a persistent, evolving threat to organizations worldwide. View the full article
-
European court accused of overreach after ruling against Poland in disability abortion case
The European Court of Human Rights (ECHR) has come under criticism after ruling against Poland in a case concerning abortion on the grounds of disability. View the full article
-
Terrorist attack on church-run clinic in eastern DRC leaves dozens dead
A late-night assault on a Catholic health facility in northeastern Democratic Republic of Congo has left around 20 civilians dead. View the full article
-
Christians invited to start 2026 in prayer for the nation
A nationwide prayer initiative involving thousands of churches and Christians is set to take place at the start of the New Year. View the full article
-
Calls for prayer as court hears sacked chaplain's appeal
Christians are being asked to pray as the Employment Appeal Tribunal hears the case of sacked chaplain Rev Dr Bernard Randall. View the full article
-
King Charles donates £50,000 toward roof repairs at late Queen’s cherished Norfolk church
King Charles has personally stepped in to support restoration work at a historic Norfolk church long treasured by his late mother, Queen Elizabeth II. View the full article
-
More Prompt||GTFO
The next three in this series on online events highlighting interesting uses of AI in cybersecurity are online: #4, #5, and #6. Well worth watching. View the full article