Bleeping Computer

GitLab urges users to install security updates for critical pipeline flaw

GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users via scheduled security scan policies. GitLab is a popular ...
Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
Dark Reading

Critical GitLab Bug Threatens Software Development Pipelines

A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it ...
TechRepublic

GitLab on how DevSecOps can help developers provide security from end-to-end

GitLab on how DevSecOps can help developers provide security from end-to-end Your email has been sent GitLab's VP of security talks about the efficiencies that DevSecOps brings to developers and the ...
InfoWorld

GitLab 14.8 adds security approval policies, extends SSH support

Update to the GitLab devops platform introduces chainable security approval policies as the replacement for the deprecated Vulnerability-Check feature. Newly arrived GitLab 14.8 updates the software ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...