Bleeping Computer

Attackers Wiping GitHub and GitLab Repos, Leave Ransom Notes

Attackers are targeting GitHub, GitLab, and Bitbucket users, wiping code and commits from multiple repositories according to reports and leaving behind only a ransom note and a lot of questions. While ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...
ZDNet

GitLab fixes security issue that let anyone hijack custom domains

A security researcher hijacked hundreds of GitLab domains in just a few seconds by exploiting a weakness in how the company handles domain verification -- a security issue that the company has now ...
Bleeping Computer

GitLab affected by GitHub-style CDN flaw allowing malware hosting

BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making ...
Hosted on MSN

Red Hat breach escalates as criminals collaborate on 'multi-terabyte' extortion plot

Red Hat's breach nightmare just got worse, as the Crimson Collective crew that claims to have ransacked its GitLab repos has joined forces with the ShinyHunters-linked "Scattered Lapsus$ Hunters" gang ...

GitLab: Punished Multiple, Compounding Business - A Setup For Asymmetric Upside (Rating Downgrade)

GitLab is evolving from a DevSecOps tool to a governance-focused orchestration platform, prioritizing secure, auditable software production. More on GTLB stock.