Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
Bleeping Computer

GitLab urges users to install security updates for critical pipeline flaw

GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users via scheduled security scan policies. GitLab is a popular ...

GitLab announces 18.4 release

AI-powered DevSecOps platform GitLab has announced its 18.4 release, expanding key AI-native capabilities, including the ability to build and share custom agents, navigate codebases with the Knowledge ...
Computer Weekly

Interview: GitLab CTO on freeing developers for innovation with AI

Sabrina Farmer explains how GitLab’s platform for the software development lifecycle is using AI to help eliminate developer toil and drive innovation ...
adtmag.com

GrammaTech Partners with GitLab to Add Shift-Left Capabilities to the CI/CD Pipeline

App security testing tools provider GrammaTech today announced a technology partnership with GitLab to integrate the GrammaTech CodeSonar Static Application Security Testing (SAST) solution with ...
ZDNet

Supply chain attacks are on the rise: Check your software build pipeline security

Addressing large enterprise and government agencies, the UK's National Cyber Security Center (NCSC) has issued a warning that attacks on a software build pipeline "can have wide-reaching impact". NCSC ...