Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
InfoWorld

Advanced CI/CD: 6 steps to better CI/CD pipelines

Configuring basic continuous integration and continuous delivery (CI/CD) pipelines that automate packaging, compiling, and pushing code to application delivery environments is considered a fundamental ...
Computer Weekly

How AI code generation is pushing DevSecOps to machine speed

Organisations should adopt shared platforms and automated governance to keep pace with the growing use of generative AI tools ...
Visual Studio Magazine

Hardening CI/CD: Essential Strategies to Mitigate Security Risks

As DevOps practices mature and Continuous Integration/Continuous Deployment (CI/CD) pipelines become more deeply embedded in the software delivery lifecycle, the ...
Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
Arabian Post

AI bot exploits GitHub actions to breach major code pipelines

The attacks, which unfolded over several days starting in late February, involved the bot opening crafted pull requests that ...
InfoQ

Pinterest Engineering Reduces Android CI Build Times by 36% with Runtime-Aware Sharding

Pinterest published a technical case study detailing how its engineering team cut Android end-to-end (E2E) continuous integration (CI) build times by more than 36 percent by adopting a runtime-aware ...