InfoWorld

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Bleeping Computer

Critical GitLab bug lets attackers run pipelines as any user

A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based ...
Security Boulevard

Which Enterprise Automation Tools Integrate Best With CI/CD Pipelines?

Explore top enterprise automation tools that integrate seamlessly with CI/CD pipelines to improve workflow speed, testing, delivery, and team collaboration.
Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
SD Times

Are CI/CD pipelines bursting at the seams?

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
adtmag.com

GrammaTech Partners with GitLab to Add Shift-Left Capabilities to the CI/CD Pipeline

App security testing tools provider GrammaTech today announced a technology partnership with GitLab to integrate the GrammaTech CodeSonar Static Application Security Testing (SAST) solution with ...