The Next Web

GitLab now automatically warns against merging API keys into your codebase

GitLab, the hugely popular devops platform, today announced the introduction of secrets detection with version 11.9 of the service. This means that should someone inadvertently include an API key or ...
Ars Technica

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government ...

Security researcher uncovers 17,000 secrets in public GitLab repositories

On GitLab Cloud there were 17,000 secrets exposed in public repositories, spread across 2,800 unique domains. On Bitbucket, he found more than 6,200 secrets in 2.6 million repositories, and on Common ...