InfoWorld

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Security Boulevard

Which Enterprise Automation Tools Integrate Best With CI/CD Pipelines?

Explore top enterprise automation tools that integrate seamlessly with CI/CD pipelines to improve workflow speed, testing, delivery, and team collaboration.
Bleeping Computer

Critical GitLab bug lets attackers run pipelines as any user

A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based ...
Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...

Security researcher uncovers 17,000 secrets in public GitLab repositories

After scanning the entire public database, he found thousands of secrets ...
adtmag.com

GrammaTech Partners with GitLab to Add Shift-Left Capabilities to the CI/CD Pipeline

App security testing tools provider GrammaTech today announced a technology partnership with GitLab to integrate the GrammaTech CodeSonar Static Application Security Testing (SAST) solution with ...
TechRepublic

CircleCI CI/CD Tool Review

We review the continuous integration and continuous delivery tool, CircleCI. Learn about its pricing, features, and pros. CircleCI is a Continuous Integration and Continuous Delivery (CI/CD) platform ...