GitLab向运行自托管版AI Gateway的组织发布紧急安全警报，警告存在一个高危漏洞可能允许攻击者使服务崩溃或执行任意代码。该漏洞编号为CVE-2026-1868，CVSS评分高达9.9（接近满分），表明未打补丁的实例面临迫在眉睫的危险。

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.

代码防泄密到底该如何落地？光靠签保密协议（NDA）和道德约束显然是不够的。今天，小编结合多年的企业安全服务经验，为大家精选了 6 款不同维度的防泄密工具。无论你是想从源头加密，还是想监控行为，这里都有适合你的方案。

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government ...