ZDNet

GitLab fixes security issue that let anyone hijack custom domains

A security researcher hijacked hundreds of GitLab domains in just a few seconds by exploiting a weakness in how the company handles domain verification -- a security issue that the company has now ...
Bleeping Computer

GitLab urges users to install security updates for critical pipeline flaw

GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users via scheduled security scan policies. GitLab is a popular ...
Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
TechRadar

GitLab warns of critical security flaw which could allow hacker takeovers

GitLab has upgraded its Community and Enterprise editions to fix a critical vulnerability which allowed malicious actors to run pipeline jobs as any other platform user. In its patch release notes, ...
heise online

More security for GitHub and GitLab – New packages and functions

The two software platforms GitHub and GitLab have introduced new security functions and packages: GitHub Secret Protection, GitHub Code Security and GitLab Open Source Security Hub. GHAS, which is ...
Nasdaq

GitLab Appoints Josh Lemos as Chief Information Security Officer

Former Block, ServiceNow and Cylance security leader joins to lead privacy-first security strategy for the most comprehensive AI-powered DevSecOps platform in the market SAN FRANCISCO, June 13, 2023 ...
TechCrunch

GitLab acquires Gemnasium to strengthen its security services

GitLab, which helps businesses manage their software development and operations lifecycle from planning to deployment and monitoring, has acquired Gemnasium, a service that alerts developers of known ...