CSO Online

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.
ZDNet

GitLab patches Elasticsearch private group data leak bug

A bug bounty researcher has been awarded $3000 for disclosing a security issue in GitLab leading to the exposure of private groups. The report was made public on the HackerOne bug bounty platform on ...