CSOonline

Prompt injection flaws in GitLab Duo highlights risks in AI assistants

Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...
TechRepublic

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’

A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
Ars Technica

Researchers cause GitLab AI developer assistant to turn safe code malicious

Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...
heise online

GitLab 18.8: Duo Agent Platform now generally available

With GitLab 18.8, GitLab is making the Duo Agent Platform generally available. It is intended to support companies in coordinating the use of AI agents for planning, development, security, and ...
Yahoo Finance

Should GitLab’s (GTLB) New Duo Agent AI Platform Redefine Its DevSecOps Investment Narrative?

The above button links to Coinbase. Yahoo Finance is not a broker-dealer or investment adviser and does not offer securities or cryptocurrencies for sale or facilitate trading. Coinbase pays us for ...