News

Dark Reading1y
GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln
Developers can trigger the automated workflow via code commits, merge requests or scheduled jobs. The vulnerability, identified as CVE-2024-6385, gives attackers a way to run a pipeline in the ...