An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...

Earlier this year, GitLab unveiled Duo, a set of AI features that aim to help developers be more productive by summarizing issues and generating descriptions of epics and issues, as well as through ...

Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...

A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...

Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...

A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...

GitLab GTLB recently announced updates to GitLab Duo, including the beta of GitLab Duo Chat, which will be available in the GitLAb 16.6 November product release. GitLab Duo increases team ...

GitLab 19.0 extends agentic AI across the full software lifecycle with its Duo Agent Platform, adds SBOM-based dependency scanning, and supports Claude Opus 4.7 and Gemini models. The release targets ...

Moving forward on AI, GitLab is offering a public beta of GitLab Duo Agent Platform, a devsecops orchestration platform intended to unlock asynchronous collaboration between developers and AI agents.