2 May
2024
2 May
'24
1:59 p.m.
This one looks fun:
A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government officials warned as data showed that thousands of users had yet to install a patch released in January.
https://arstechnica.com/security/2024/05/0-click-gitlab-hijacking-flaw-under...
The vulnerability, tracked as CVE-2023-7028, carries a severity rating of 10 out of 10.
Make sure you're patched if you run GitLab! rb -- BCLUG.ca https://bclug.ca To subscribe, send an email to discuss-join@lists.bclug.ca List Web site: https://lists.bclug.ca/mailman/listinfo/discuss