GitLab Extends Agentic AI with New Automated Security Remediation, Pipeline Setup, and Delivery Analytics

GitLab Inc., the intelligent orchestration platform for DevSecOps, today released GitLab 18.11, expanding agentic AI across ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
InfoQ

GitLab Adds AI Code Assistance with Self-Hosted GitLab 18 Release

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
Ars Technica

Researchers cause GitLab AI developer assistant to turn safe code malicious

Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...
Hosted on MSN

Hidden Prompts in GitLab Duo Expose Source Code to Theft

A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
CSOonline

Prompt injection flaws in GitLab Duo highlights risks in AI assistants

Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...