Ars Technica

Researchers cause GitLab AI developer assistant to turn safe code malicious

Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
Seeking Alpha

GitLab Announces GitLab 18 with AI-Native Capabilities to Increase Developer Productivity

Increasing developer efficiency with GitLab Duo Code Suggestions and Chat available to all Premium and Ultimate customers Accelerating core DevSecOps workflows for faster and more secure software ...
Hosted on MSN

Hidden Prompts in GitLab Duo Expose Source Code to Theft

A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
TechRepublic

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’ Your email has been sent A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and ...
heise online

GitLab 18.1 declares Duo Code Review ready for production

GitLab 18.1 is available with over 100 new features. Among other things, the software development platform now offers a virtual Maven registry, makes the AI service Duo Code Review generally available ...
heise online

GitLab 18.2: Duo Agent Platform for VS Code and JetBrains released as beta

The GitLab Duo Agent Platform for IDEs has a connection to JetBrains IDEs and VS Code, can handle MCP and offers agentic chat and agent flows. GitLab's July release with version number 18.2 is now ...