InfoWorld

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
NextBigFuture

Aembit Extends Secretless CI/CD with Credential Lifecycle Management for GitLab

Aembit, the workload identity and access management (IAM) company, today announced new capabilities for GitLab designed to reduce the security risks of long-lived personal access tokens (PATs) and ...
heise online

Page 2: Approach to modularizing workflow stages with GitLab Job Template

The subdivision into specific stages serves the purpose of dividing the individual steps in the GitLab workflow directly into specific functions – The tools used are interchangeable. The stages and ...

Security researcher uncovers 17,000 secrets in public GitLab repositories

On GitLab Cloud there were 17,000 secrets exposed in public repositories, spread across 2,800 unique domains. On Bitbucket, ...
adtmag.com

GrammaTech Partners with GitLab to Add Shift-Left Capabilities to the CI/CD Pipeline

App security testing tools provider GrammaTech today announced a technology partnership with GitLab to integrate the GrammaTech CodeSonar Static Application Security Testing (SAST) solution with ...