CSOonline

‘Dangerous’ vulnerability in GitLab Ultimate Enterprise Edition

A new vulnerability in GitLab’s Ultimate Enterprise Edition used for managing source code is “dangerous” and needs to be quickly patched, says an expert. The vulnerability, CVE-2025-5121, is one of 10 ...
Hosted on MSN

Hidden Prompts in GitLab Duo Expose Source Code to Theft

A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
InfoQ

GitLab Introduces Advanced Vulnerability Tracking to Tackle Code Volatility and Double Reporting

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Electronic Design

GitLab’s DevSecOps Enhances Security for Software Developers

The DevSecOps system unifies CI/CD and built-in security scans in one platform so that teams can ship faster with fewer vulnerabilities.
InfoWorld

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched. A critical two-factor authentication bypass vulnerability in the Community ...
InfoQ

GitLab Release Brings Protected Container Repositories; Fixes XSS Vulnerability

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...
Bleeping Computer

CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...