Bleeping Computer

Critical GitLab vulnerability lets attackers take over accounts

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. The bug (discovered internally and tracked as ...
Ars Technica

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government ...
Bleeping Computer

GitLab warns of critical zero-click account hijacking vulnerability

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The vendor ...
InfoQ

GitLab Introduces Advanced Vulnerability Tracking to Tackle Code Volatility and Double Reporting

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...