News

Researchers cause GitLab AI developer assistant to turn safe code malicious
Researchers from security firm Legit on Thursday demonstrated an attack that induced Duo into inserting malicious code into a ...
DataBreachToday5d
Patched GitLab Duo Flaws Risked Code Leak, Malicious Content
Hackers can exploit vulnerabilities in a generative artificial intelligence assistant integrated across GitLab's DevSecOps ...
GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab ...
CSO Online10d
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private ...
Techzine Europe10d
Vulnerability in GitLab assistant enabled code theft
GitLab's AI assistant Duo may have been complicit in code theft. The bug in the code for rendering HTML has been fixed, but ...
Diginomica8y
"You don't need design thinking" - How GitLab made open source their management style
Open sourcing your code ... comments on them daily. The entire world can see what we're doing. Launching our road maps is public, and pretty much everything else. Just about the only thing that ...
TheServerSide1y
Quickly generate, add and setup GitLab SSH Keys
The -C switch simply adds a comment to the end of the public file. When you’re prompted for a passphrase or a special storage location, accept all the defaults. By default, all GitLab SSH keys must go ...