CSOonline

Prompt injection flaws in GitLab Duo highlights risks in AI assistants

Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...
SD Times

GitLab 18 integrates AI capabilities from Duo

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...
Ars Technica

Researchers cause GitLab AI developer assistant to turn safe code malicious

Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...
Hosted on MSN

Hidden Prompts in GitLab Duo Expose Source Code to Theft

A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
Hosted on MSN

GitLab (GTLB) Expands AI Momentum With Latest Duo Updates

GitLab GTLB recently announced updates to GitLab Duo, including the beta of GitLab Duo Chat, which will be available in the GitLAb 16.6 November product release. GitLab Duo increases team ...
InfoWorld

Prompt Security adds code sanitization, data leak prevention for GitHub Copilot

The update brings added support for GitHub Copilot Free, Amazon Q, Tabnine, Blackbox, GitLab Duo, Supermaven, and Sourcegraph Cody. Prompt Security also now scans for vulnerable output in the AI code ...