News

Researchers cause GitLab AI developer assistant to turn safe code malicious
Researchers from security firm Legit on Thursday demonstrated an attack that induced Duo into inserting malicious code into a ...
DataBreachToday4d
Patched GitLab Duo Flaws Risked Code Leak, Malicious Content
Hackers can exploit vulnerabilities in a generative artificial intelligence assistant integrated across GitLab's DevSecOps ...
GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab ...
Automating Trust: How Gnanendra Reddy Muthirevula Shapes Secure Cloud Pipelines
A proponent of agile leadership, Gnanendra Reddy Muthirevula mentors teams, streamlines releases, and drives continuous ...
The Hacker News9d
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Indirect prompt injection in GitLab Duo exposed private source code and inserted malicious HTML into AI responses, risking ...
CSO Online10d
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private ...
New ChatGPT Scam Infects Users With Ransomware: ‘Exercise Extreme Caution’
The threat actors use a ransomware strain called CyberLock, which encrypts specific files on the user’s device,” Cisco Talos ...
Amazon's Secret Weapon 'Kiro' Set to Blow Up the Coding World
Amazon's secret Kiro project uses AI agents to slash coding time, challenging Microsoft and Google. Will it redefine software development?
Zacks Investment Research on MSN4d
GitLab Declines 15% YTD: Should You Buy the Stock on the Dip?
GitLab GTLB shares have lost 14.8% year to date (YTD), underperforming the broader Zacks Computer and Technology sector’s 1.3 ...
Breaking silos: unifying DevOps and MLOps into a unified software supply chain
DevOps and MLOps have similar automation, versioning, and deployment goals, but they rely on separate tools and processes.