News

Researchers cause GitLab AI developer assistant to turn safe code malicious
Researchers from security firm Legit on Thursday demonstrated an attack that induced Duo into inserting malicious code into a script it had been instructed to write. The attack could also leak private ...
CSO Online2d
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...
Business Insider4y
Code Review Automation Service Sider, Now Compatible with GitLab
How Sider came to support GitLab Sider is a code review automation service on GitHub provided by Sleeek. By analyzing source code, automatically detecting problem areas, and reporting them to the ...
Bleeping Computer1y
GitLab warns of critical zero-click account hijacking vulnerability
source code, helm chart, etc.) of a product is mentioned, this means all types are affected.” The most critical security issue GitLab patched has the maximum severity score (10 out of 10 ...
TechCrunch2y
GitLab’s new security feature uses AI to explain vulnerabilities to developers
Developer platform GitLab today announced a new AI-driven security ... the best way to fix a vulnerability within the context of code base. It’s this context that makes the difference here ...