ZDNet

PyPI, GitLab dealing with spam attacks

Spammers have inundated the Python Package Index (PyPI) portal and the GitLab source code hosting website with garbage content, flooding both with ads for shady sites and services. The attacks were ...
Dark Reading

'Culturestreak' Malware Lurks Inside GitLab Python Package

In what's becoming an all-too-common occurrence in the current threat landscape, security researchers have found yet another malicious open source package, this time an active Python file on GitLab ...
TechCrunch

GitLab’s new security feature uses AI to explain vulnerabilities to developers

Developer platform GitLab today announced a new AI-driven security feature that uses a large language model to explain potential vulnerabilities to developers, with plans to expand this to ...
Ars Technica

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government ...