Bleeping Computer

CISA says GitLab account takeover bug is actively exploited in attacks

CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. GitLab hosts sensitive data, including ...
heise online

GitLab: Account takeover possible after 1-click attack

Attackers can use a vulnerability in GitLab Community Edition and Enterprise Edition to gain access to data with which they can gain control over accounts. So far, there are no reports of ongoing ...
Bleeping Computer

GitLab warns of critical zero-click account hijacking vulnerability

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The vendor ...
IT News For Australia Business

GitLab fixes account takeover vulnerability

GitLab has patched a critical and trivial-to-exploit account takeover bug. The attack vector for CVE-2023-7028 is the password reset function. “User account password reset emails could be delivered to ...
heise online

Development platform: GitLab 17.10 focuses on code review with AI

The March update for the GitLab development platform has been released. Version 17.10 extends the functions of GitLab Duo – for AI-supported code reviews and root cause analyses – and raises GitLab ...
TheServerSide

Quickly generate, add and setup GitLab SSH Keys

Community driven content discussing all aspects of software development from DevOps to design patterns. The Secure Socket Shell (SSH) is the preferred connection mechanism, especially when compared to ...