Ars Technica

Researchers cause GitLab AI developer assistant to turn safe code malicious

Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...

Black Duck Expands Polaris Integrations to Deliver Frictionless DevSecOps at Enterprise Scale

Black Duck®, the leader in AI-powered application security, today announced the immediate availability of a powerful set of enhanced Black Duck PolarisTM Platform integrations across all major source ...
Opinion
Database Trends and ApplicationsOpinion

Black Duck Delivers Frictionless DevSecOp with Expanded Polaris Integrations

Black Duck, a leader in AI-powered application security, is offering a powerful set of enhanced Black Duck Polaris Platform integrations across all major source code management (SCM) ...
CSOonline

Orca bolsters cloud security offering with source code support

Cybersecurity provider Orca has added new source code posture management capabilities to its cloud security offering by adding support for popular source code management (SCM) platforms. The new ...
TechRepublic

GitLab’s Lemos: AI, Automation are Key to DevSecOps

GitLab's CISO Josh Lemos on securing CI/CD of software with generative AI tools and how automation enables continuous security in the software development supply chain. GitLab, like its competitor ...
Hosted on MSN

Hidden Prompts in GitLab Duo Expose Source Code to Theft

A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...