News

The Hacker News11d
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Indirect prompt injection in GitLab Duo exposed private source code and inserted malicious HTML into AI responses, risking ...
Researchers cause GitLab AI developer assistant to turn safe code malicious
Researchers from security firm Legit on Thursday demonstrated an attack that induced Duo into inserting malicious code into a ...
CSO Online12d
Prompt injection flaws in GitLab Duo highlights risks in AI assistants
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private ...
DataBreachToday6d
Patched GitLab Duo Flaws Risked Code Leak, Malicious Content
Hackers can exploit vulnerabilities in a generative artificial intelligence assistant integrated across GitLab's DevSecOps ...
GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab ...
Arabian Post8d
Hidden Prompts in GitLab Duo Expose Source Code to Theft
A critical vulnerability in GitLab's AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
The security debt of browsing AI agents
Our new study, "The Hidden Dangers of Browsing AI Agents" offers the first end-to-end threat model for browsing agents and ...