The Next Web

GitLab now automatically warns against merging API keys into your codebase

GitLab, the hugely popular devops platform, today announced the introduction of secrets detection with version 11.9 of the service. This means that should someone inadvertently include an API key or ...
TechRadar

Security researcher uncovers 17,000 secrets in public GitLab repositories

Researcher Luke Marshall found 17,000 exposed secrets in GitLab Cloud repositories Leaked credentials risk hijacks, cryptomining, and deeper infrastructure compromise Marshall automated scans, earned ...
Ars Technica

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government ...