Search Results: GitLabSecurity

Red Hat's GitLab Breach Exposes Consulting Data: Assessing the Supply Chain Fallout

A cybercrime group infiltrated Red Hat's private GitLab instance, stealing sensitive consulting reports and claiming access to customer infrastructure details. Red Hat confirms the breach but downplays immediate product risks; even so, the incident reignites critical questions about trust in open-source supply chains.

GitLab CI/CD Pipeline Tokens Vulnerable to Stealthy Exposure via API, Researcher Warns

Security researcher 'sellathechemist' reveals a critical flaw in GitLab's handling of CI/CD pipeline tokens, demonstrating how these sensitive credentials can be silently exfiltrated via the GitLab API without triggering permission checks. This vulnerability exposes pipelines to impersonation attacks and unauthorized repository access, posing a significant threat to software supply chains.