Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
Bleeping Computer

GitLab: Critical bug lets attackers run pipelines as other users

GitLab warned today that a critical vulnerability in its product's GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. The GitLab DevSecOps platform has ...

GitLab announces 18.4 release

AI-powered DevSecOps platform GitLab has announced its 18.4 release, expanding key AI-native capabilities, including the ...
Developer Tech

GitLab launches custom AI agents and Knowledge Graph

GitLab's latest release uses AI for more than just making code completion smarter, with customisable agents, a Knowledge ...
Computer Weekly

Interview: GitLab CTO on freeing developers for innovation with AI

Sabrina Farmer explains how GitLab’s platform for the software development lifecycle is using AI to help eliminate developer toil and drive innovation ...
adtmag.com

GrammaTech Partners with GitLab to Add Shift-Left Capabilities to the CI/CD Pipeline

App security testing tools provider GrammaTech today announced a technology partnership with GitLab to integrate the GrammaTech CodeSonar Static Application Security Testing (SAST) solution with ...
ZDNet

Supply chain attacks are on the rise: Check your software build pipeline security

Addressing large enterprise and government agencies, the UK's National Cyber Security Center (NCSC) has issued a warning that attacks on a software build pipeline "can have wide-reaching impact". NCSC ...