
GitLab Releases Urgent Security Updates for Critical Flaw

GitLab is rolling out security patches that fix a bug that could let attackers leverage scheduled security scan policies to run pipelines as an arbitrary user. Bad actors exploiting the flaw could ...
Security Boulevard

GitLab Unauthorized Call Vulnerability (CVE-2023-5009) Notification

Overview Recently, NSFOCUS CERT monitored that GitLab officially issued a security notice, and fixed an unauthorized call vulnerability in GitLab Enterprise Edition (EE). The vulnerability is a bypass of CVE-2023-3932. An attacker ...

Who’s Behind the 8Base Ransomware Website?

The victim shaming website operated by the cybercriminals behind 8Base -- currently one of the more active ransomware groups -- was until earlier today leaking quite a bit of information that the ...

How GitLab Security Flaw Results in Cryptojacking Proxyjacking Attacks?

In the domain of quickly changing digital environments, where software development powers collaboration, a recent event using GitLab has exposed a serious security vulnerability.  Cyber Attackers keep coming up with unusual and ...

Legitify adds support for GitLab and GitHub Enterprise Server

We encounter security incidents on a weekly basis with prospective customers that involve pipeline manipulation, code theft, and sensitive data exposure - many of which result from bad source code management (SCM) ...

GitLab Releases Bevy of Security and Compliance Enhancements

If any good came out of the Log4j vulnerability and SolarWinds attacks, it was the fact that they dramatically increased awareness of software supply chain security. Software supply chain security is only ...
Security Boulevard

Application Security Responsibility Shifting Further Left

A GitLab survey of more than 5,500 DevOps professionals (including roughly 700 application security professionals) found 57% of those security respondents reported that responsibility for security has either already or soon will shift ...
Security Boulevard

Three new API exploits causes GitLab data privacy and availability issues

On May 10, 2022, and May 11, 2022, CVE-2022-1352, CVE-2021-1431, and CVE-2022-1545 were fixed and published on Gitlab-ORG public repository. There are no technical details or exploits yet, but according to the ...

Debug your GitLab Workloads Natively with Sidekick!

The past couple of months have been a roller-coaster thrill for us here in Thundra. First, let me summarize a couple of news before switching to our main topic; Sidekick Gitlab integration ...

GitLab: instant, inline, indispensable developer insights

Today we’re going to talk about letters, as in the alphabet.  Did you ever see the Friends episode where Joey can’t afford an entire set of encyclopedias, so he just buys the ...