Ars Technica

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government ...
Computer Weekly

How GitLab is tapping AI in DevSecOps

GitLab is integrating artificial intelligence (AI) across its DevSecOps cycle to streamline software development and bolster security operations, its chief information security officer, Josh Lemos, ...
Bleeping Computer

Internet Archive breached again through stolen access tokens

The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens. Since last night, ...
Bleeping Computer

GitLab releases fix for critical SAML authentication bypass flaw

GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE ...
TechCrunch

GitLab’s new security feature uses AI to explain vulnerabilities to developers

Developer platform GitLab today announced a new AI-driven security feature that uses a large language model to explain potential vulnerabilities to developers, with plans to expand this to ...