Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Andy Brinkmeyer shares how engineering ...
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...
Moving forward on AI, GitLab is offering a public beta of GitLab Duo Agent Platform, a devsecops orchestration platform intended to unlock asynchronous collaboration between developers and AI agents.
An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...
GitLab Secrets Manager, now in public beta, scopes credentials to individual jobs and governs access through the same controls used for code. Developer Flow now handles the full merge request ...
GitLab 19.0 extends agentic AI across the full software lifecycle with its Duo Agent Platform, adds SBOM-based dependency scanning, and supports Claude Opus 4.7 and Gemini models. The release targets ...