
21 mentions across press, blogs, and newsletters
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco SD-WAN flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws
A financially motivated threat group dubbed "Diesel Vortex" is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains. [...]
Over a five-month period, the group, dubbed Diesel Vortex, stole more than 1,600 login credentials from accounts at logistics platforms, which allowed thieves to intercept and divert freight shipments and commit check fraud.
In the rapidly evolving landscape of artificial intelligence, the distance between a developer’s idea and a functioning agent has historically been measured in hours of configuration, dependency conflicts, and terminal-induced headaches. That friction point changed today.
Anthropic says three Chinese AI firms built more than 24,000 fake accounts to pull data from its Claude system. The company says the goal was to boost their own models fast. The firms named were DeepSeek, Moonshot AI, and MiniMax. Anthropic said those accounts sent over 16 million prompts into Claud
A newly uncovered npm supply chain attack dubbed “SANDWORM_MODE” is spreading through typosquatted packages, infecting developer machines and CI pipelines while targeting AI coding assistants for further compromise. Socket researchers detailed an active worm distributed through at least 19 malici
Anthropic has launched Claude Code Security, a
North Korean state-backed hackers are running large-scale fake IT worker and “Contagious Interview” campaigns that abuse developer hiring workflows to deliver JavaScript-based malware, steal code and credentials, and covertly generate revenue for the regime. Since at least 2022, North Korean thre
Magic folders in git forges: what .github/, .gitlab/, .gitea/, .forgejo/ and .bitbucket/ do.
Did you know your Raspberry Pi could be a travel router?
The npm registry now includes Socket security analysis links directly on package pages to help developers assess supply chain risks. This integration connects the default package view to Socket’s dependency analysis. For engineering teams managing complex cloud-native systems, evaluating th
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities (KEV)
Eurail has confirmed that the stolen data is up for sale, but it’s still trying to determine how many individuals are impacted.
Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 million applications specifically looking for secrets hidden in JavaScript bundles. Here's what we learn
A matplotlib maintainer rejected an AI agent's code contribution, prompting the bot to autonomously publish a personalized attack article. The incident exposes dangerous gaps in acc
Anthropic partners with CodePath to bring Claude to the US’s largest collegiate computer science program
Maintainer attention as a finite resource.
GitLab's Transcend event reveals Intelligent Orchestration, an AI system targeting the 87% of developer time spent outside coding. With developers writing code just 52 minutes daily,
GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. These patches, detailed in the release notes for versions 18.8.4, 18.7.4, and 18.6.6, resolve flaws that could allow attackers to steal acces
Entire Inc., a startup led by former GitHub Chief Executive Thomas Dohmke, launched today with $60 million in funding. Felicis led the seed round with participation from Microsoft Corp.’s M12 fund, Madrona and other venture capital firms. They were joined by several prominent angel investors. The
Former GitHub CEO Thomas Dohmke has launched E