Hosted on MSN

Security researcher uncovers 17,000 secrets in public GitLab repositories

Researcher Luke Marshall found 17,000 exposed secrets in GitLab Cloud repositories Leaked credentials risk hijacks, cryptomining, and deeper infrastructure compromise Marshall automated scans, earned ...
NextBigFuture

Aembit Extends Secretless CI/CD with Credential Lifecycle Management for GitLab

Aembit, the workload identity and access management (IAM) company, today announced new capabilities for GitLab designed to reduce the security risks of long-lived personal access tokens (PATs) and ...
Bleeping Computer

Hackers steal 15,000 cloud credentials from exposed Git config files

A large-scale malicious operation named "EmeraldWhale" scanned for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories. According to ...
Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.