News

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab ...
Researchers cause GitLab AI developer assistant to turn safe code malicious
Researchers from security firm Legit on Thursday demonstrated an attack that induced Duo into inserting malicious code into a ...
DataBreachToday3d
Patched GitLab Duo Flaws Risked Code Leak, Malicious Content
Hackers can exploit vulnerabilities in a generative artificial intelligence assistant integrated across GitLab's DevSecOps platform to manipulate the model's ...
The Hacker News8d
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Indirect prompt injection in GitLab Duo exposed private source code and inserted malicious HTML into AI responses, risking ...
Business Insider4y
Code Review Automation Service Sider, Now Compatible with GitLab
This enhancement aims to provide software developers around the world a better code review experience and contribute to improved development productivity. How Sider came to support GitLab Sider is ...
CSO Online8d
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private ...
GitLab 18 integrates AI capabilities from Duo
GitLab 18 includes Duo’s AI-powered Code Suggestions for code completion and code generation, and AI-powered Chat.