
Maximum-severity GitLab flaw allowing account hijacking under active exploitation | The threat is potentially grave because it could be used in supply-chain attacks



With the ability to access them and surreptitiously introduce changes, attackers could sabotage projects or plant backdoors that could infect anyone using software built in the compromised environment. According to Internet scans performed by security organization Shadowserver, more than 2,100 IP addresses showed they were hosting one or more vulnerable GitLab instances. The agency made no mention of MFA, but any GitLab users who haven’t already done so should enable it, ideally with a form that complies with the FIDO industry standard.
