IT News For Australia Business

GitLab fixes account takeover vulnerability

GitLab has patched a critical and trivial-to-exploit account takeover bug. The attack vector for CVE-2023-7028 is the password reset function. “User account password reset emails could be delivered to ...
Bleeping Computer

CISA says GitLab account takeover bug is actively exploited in attacks

CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. GitLab hosts sensitive data, including ...
マイナビニュース

GitLab、AIネイティブ機能を搭載する「GitLab 18.0」

DevSecOpsを推進するGitLabは現地時間5月15日、AIネイティブ機能をPremiumやUltimate版に搭載する「GitLab 18.0」のリリースを発表した。 LLMを用いたコード補完やコードレビュー、コード生成やリファクタリング、チャットなどの生成AI機能を提供する同社のAI機能GitLab ...
heise online

GitLab: Account takeover possible after 1-click attack

Attackers can use a vulnerability in GitLab Community Edition and Enterprise Edition to gain access to data with which they can gain control over accounts. So far, there are no reports of ongoing ...
PR TIMES

GitLab Duo Enterpriseの一般提供を発表

「2024 Gartner® Magic Quadrant™」に新設されたAIコードアシスタント部門で、リーダーの1社として評価 最も包括的なAIを活用したエンタープライズDevSecOpsプラットフォームでソフトウェアイノベーションを実現するGitLab(本社:米サンフランシスコ、読み方 ...
TechRadar

GitLab issues patch for high severity account takeover vulnerability

GitLab has released patches for seven vulnerabilities, including a high-severity flaw that allowed threat actors to take over people’s accounts. The highlight of the security advisory is an XSS ...
Computer Weekly

Patch GitLab vuln without delay, users warned

The US Cybersecurity and Infrastructure Security Agency (CISA) has this week added a vulnerability that was first disclosed in January in the GitLab open source platform to its Known Exploited ...

Red Hat confirms security incident after hackers breach GitLab instance

An extortion group calling itself the Crimson Collective claims to have stolen nearly 570GB of compressed data across 28,000 ...