A security research project led by Luke Marshall scanned 5.6 million GitLab repositories, uncovering over 17,000 live secrets and earning $9,000 in bounties, highlighting GitLab's larger scale and higher exposure risk compared to Bitbucket.

GitLab's team discovers a large-scale npm supply chain attack with malware that spreads through npm packages, threatening data destruction if disrupted.

From Commit to Production Ready

GitLab 18.5 introduces a new panel-based UI and AI-driven tools to enhance usability, streamline workflows, and improve security with features like automated vulnerability triage and Static Reachability Analysis.

A security breach in Red Hat's consulting GitLab instance led to the theft of 570GB of data by the "Crimson Collective," impacting around 800 organizations across multiple sectors.