Bleeping Computer

GitLab patches high severity account takeover, missing auth issues

GitLab has released security updates to address multiple vulnerabilities in the company's DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in ...
Bleeping Computer

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its software development platform. Tracked as CVE-2026-0723, this vulnerability stems ...
Seeking Alpha

GitLab Survey Reveals Tension Around AI, Security, and Developer Productivity within Organizations

Efforts to fix security vulnerabilities are hindered by organizational red tape Leadership understands the importance of developer productivity for organizational success but isn’t measuring it ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
CRN

Red Hat Says It’s Remediating GitLab Security ‘Incident’ At Consulting Arm

The IBM-owned company says it has ‘initiated necessary remediation steps’ after media outlets reported that a threat group claimed to compromise Red Hat code repositories. Red Hat disclosed that it ...