CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its software development platform.

GitLab patches major security flaw - here's what we know

A new patch fixes six important GitLab flaws ...
InfoQ

GitLab 11.11 Brings Multiple Assignees for Merge Requests, Windows Container Executor, and More

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Traditional caching fails to stop "thundering ...

Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities

Both platforms serve as backbone infrastructure for remote work and software development, making these flaws particularly dangerous for business continuity.
The Next Web

GitLab now automatically warns against merging API keys into your codebase

GitLab, the hugely popular devops platform, today announced the introduction of secrets detection with version 11.9 of the service. This means that should someone inadvertently include an API key or ...