GitLab

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

GitLab, patches, Vulnerabilities, vulnerability /

GitLab Patches Code Execution, Information Disclosure Vulnerabilities 2026-06-25 at 14:10 By Ionut Arghire The latest GitLab CE/EE updates address 13 vulnerabilities, including three high-severity defects. The post GitLab Patches Code Execution, Information Disclosure Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

GitLab Patches Code Execution, Information Disclosure Vulnerabilities Read More »

GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support

GitLab, Industry news /

GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support 2026-05-22 at 15:08 By Industry News GitLab released GitLab 19.0 with expanded secrets management, agentic merge request workflows, improved CI pipeline visibility, support for self-hosted open-source models, and supply chain visibility enhancements. Engineering organizations shipping more code than ever are confronting the AI Paradox

GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support Read More »

25 open-source cybersecurity tools that don’t care about your budget

AI, AWS, Compliance, GitHub, GitLab, Kubernetes, Linux, News, open source, OpenClaw, penetration testing, software, Trail of Bits /

25 open-source cybersecurity tools that don’t care about your budget 2026-04-27 at 10:30 By Anamarija Pogorelec Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond

25 open-source cybersecurity tools that don’t care about your budget Read More »

GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics

GitLab, Industry news /

GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics 2026-04-17 at 14:32 By Industry News GitLab has released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and delivery analytics. AI-generated code moves faster than the systems around it can keep up with, creating the

GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics Read More »

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab

Don't miss, GitHub, GitLab, Legit Security, News, open source, scanner, software /

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab 2026-04-15 at 08:18 By Anamarija Pogorelec Misconfigured source code management platforms remain a common entry point in software supply chain attacks, and organizations often lack visibility into which settings put them at risk. Legitify, an open-source tool from Legit Security, addresses that gap by scanning

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab Read More »

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps

Aurigo Software Technologies, cybersecurity, Don't miss, GitHub, GitLab, News, open source, scanner, software /

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps 2026-03-23 at 09:18 By Anamarija Pogorelec GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called Plumber automates the detection of

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps Read More »

Atlassian, GitLab, Zoom Release Security Patches

Atlassian, GitLab, patch, Vulnerabilities, vulnerability, Zoom /

Atlassian, GitLab, Zoom Release Security Patches 2026-01-22 at 11:49 By Ionut Arghire Fixes were rolled out for over two dozen vulnerabilities, including critical- and high-severity bugs. The post Atlassian, GitLab, Zoom Release Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Atlassian, GitLab, Zoom Release Security Patches Read More »

Rust package registry adds security tools and metrics to crates.io

GitLab, News, OpenSSF, rust, security update /

Rust package registry adds security tools and metrics to crates.io 2026-01-21 at 15:23 By Anamarija Pogorelec The Rust project updated crates.io to include a Security tab on individual crate pages. The tab shows security advisories drawn from the RustSec database and lists which versions of a crate may have known issues. This change gives developers

Rust package registry adds security tools and metrics to crates.io Read More »

GitLab Duo Agent Platform solves the AI paradox in software delivery

GitLab, Industry news /

GitLab Duo Agent Platform solves the AI paradox in software delivery 2026-01-16 at 16:16 By Industry News GitLab announced the GitLab Duo Agent Platform, delivering agentic AI that enables teams to orchestrate agents across the entire software lifecycle. AI tools have been improving developers’ ability to write code, and in some cases, developers are reporting

GitLab Duo Agent Platform solves the AI paradox in software delivery Read More »

Red Hat Confirms GitLab Instance Hack, Data Theft

Crimson Collective, data breach, Data Breaches, Featured, GitLab, Red Hat, source code /

Red Hat Confirms GitLab Instance Hack, Data Theft 2025-10-03 at 10:15 By Eduard Kovacs Hackers claim to have stolen 28,000 private repositories, including data associated with major companies that use Red Hat services. The post Red Hat Confirms GitLab Instance Hack, Data Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Red Hat Confirms GitLab Instance Hack, Data Theft Read More »

Development vs. security: The friction threatening your code

Application Security, cybersecurity, DevSecOps, Endor Labs, GitLab, News, software, Sonatype, strategy /

Development vs. security: The friction threatening your code 2025-06-03 at 07:32 By Sinisa Markovic Developers are driven to deliver new features quickly, while security teams prioritize risk mitigation, which often puts the two at odds. 61% of developers said that it’s critical that security doesn’t block or decelerate the development process or become a barrier

Development vs. security: The friction threatening your code Read More »

GitLab, Atlassian Patch High-Severity Vulnerabilities

Atlassian, GitLab, Vulnerabilities, vulnerability /

GitLab, Atlassian Patch High-Severity Vulnerabilities 2025-05-22 at 08:18 By Ionut Arghire GitLab and Atlassian have released patches for over a dozen vulnerabilities in their products, including high-severity bugs. The post GitLab, Atlassian Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

GitLab, Atlassian Patch High-Severity Vulnerabilities Read More »

GitLab 18 increases developer productivity by integrating AI throughout the platform

GitLab, Industry news /

GitLab 18 increases developer productivity by integrating AI throughout the platform 2025-05-15 at 16:34 By Industry News GitLab launched GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout the year. Additionally, GitLab Premium

GitLab 18 increases developer productivity by integrating AI throughout the platform Read More »

GitLab CISO on proactive monitoring and metrics for DevSecOps success

Artificial Intelligence, cybersecurity, DevSecOps, Don't miss, Features, framework, GitLab, Hot stuff, LLMs, News, opinion, security metrics, software development /

GitLab CISO on proactive monitoring and metrics for DevSecOps success 2025-01-09 at 07:32 By Mirko Zorz In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating security tools. He shares tips for maintaining development speed, fostering collaboration,

GitLab CISO on proactive monitoring and metrics for DevSecOps success Read More »

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)

authentication, Don't miss, exploit, GitLab, Hot stuff, News, PoC, ProjectDiscovery, security update, Synactiv, vulnerability /

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) 2024-10-09 at 15:49 By Zeljka Zorz If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script that may help attackers gain

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) Read More »

Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, GitLab and Microchip

GitLab, Ivanti, Microchip, vulnerability /

Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, GitLab and Microchip 2024-10-01 at 09:31 By dakshsharma16 Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) researchers this week investigated 15 vulnerabilities of particular significance for IT teams, and identified three that merit high-priority patching. Cyble’s Sept. 18-24 Weekly Vulnerability Insights Report for subscribers also

Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, GitLab and Microchip Read More »

GitLab Patches Critical Authentication Bypass Vulnerability

GitLab, Vulnerabilities, vulnerability /

GitLab Patches Critical Authentication Bypass Vulnerability 2024-09-19 at 13:16 By Ionut Arghire GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances. The post GitLab Patches Critical Authentication Bypass Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

GitLab Patches Critical Authentication Bypass Vulnerability Read More »

GitLab Updates Resolve Critical Pipeline Execution Vulnerability

GitLab, Vulnerabilities, vulnerability /

GitLab Updates Resolve Critical Pipeline Execution Vulnerability 2024-09-13 at 12:16 By Ionut Arghire GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw. The post GitLab Updates Resolve Critical Pipeline Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

GitLab Updates Resolve Critical Pipeline Execution Vulnerability Read More »

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise

cybersecurity, DevOps, DevSecOps, GitHub, GitLab, GitProtect.io, monitoring, News, penetration testing, Ransomware, report, social engineering, vulnerability management /

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise 2024-08-07 at 06:01 By Help Net Security Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every few days, according to GitProtect.io. DevSecOps The possibility to integrate security

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise Read More »

GitLab Ships Update for Critical Pipeline Execution Vulnerability

CVE-2024-5655, CVE-2024-6385, GitLab, Supply Chain Security, Vulnerabilities /

GitLab Ships Update for Critical Pipeline Execution Vulnerability 2024-07-11 at 18:01 By Ionut Arghire GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user. The post GitLab Ships Update for Critical Pipeline Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

GitLab Ships Update for Critical Pipeline Execution Vulnerability Read More »

Scroll to Top