GitLab has released security updates to address multiple vulnerabilities in the company's DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in ...
GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, including two critical-severity authentication bypass flaws in the ruby-saml library.
Looking at GitLab CI/CD under the hood. What “security built into the pipeline” actually means. How teams manage and act on findings at scale. GitLab DevSecOps is an integrated system that unifies ...
GitLab Inc., the intelligent orchestration platform for DevSecOps, today released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline ...
Both platforms serve as backbone infrastructure for remote work and software development, making these flaws particularly dangerous for business continuity. Two of the world’s most critical business ...
The IBM-owned company says it has ‘initiated necessary remediation steps’ after media outlets reported that a threat group claimed to have compromised Red Hat code repositories. Red Hat disclosed that it ...
An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
Agentic SAST Vulnerability Resolution is now generally available, automatically generating ready-to-merge code fixes and helping resolve vulnerabilities before they reach production. Two new agents in ...