all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers

Add to bookmarks
Jan. 15, 2024, 5:36 p.m. | Connor Jones

The Register - Security www.theregister.com

The bug with a perfect 10 severity score has been ripe for exploitation since May

GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed.…

2fa account account takeovers batch bug bypass bypass vulnerability critical exploitation gitlab latest may patch patches perfect ripe score security security patches severity takeovers vulnerability

Visit resource

More from www.theregister.com / The Register - Security

Cyber-bastard jailed for stealing psychotherapy files, blackmailing patients 58 minutes ago | www.theregister.com
crime cyber files nation +9
UnitedHealth CEO: 'Decision to pay ransom was mine' 4 hours ago | www.theregister.com
access authentication ceo change +25
NSA employee who tried and failed to spy for Russia gets 262 months in the … 7 hours ago | www.theregister.com
docs employee low nsa +8
European Commission starts formal probe of Meta over election misinformation 11 hours ago | www.theregister.com
action distribution election elections +14
Apple's 'incredibly private' Safari is not so private in Europe 17 hours ago | www.theregister.com
antitrust app apple app stores +18
AT&T, Verizon, Sprint, T-Mobile US fined $200M for selling off people's location info 1 day, 1 hour ago | www.theregister.com
amp brokers carriers claim +16
Google blocked 2.3M apps from Play Store last year for breaking the G law 1 day, 2 hours ago | www.theregister.com
accounts android android apps apps +12
London Drugs closes all of its pharmacies following 'cybersecurity incident' 1 day, 6 hours ago | www.theregister.com
canadian cybersecurity cybersecurity incident drugs +5
France willing to buy key Atos assets to keep them French 1 day, 11 hours ago | www.theregister.com
assets atos cash finance +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Emergency Management Invoice Compliance Reviewer

@ AC Disaster Consulting | Denver, Colorado, United States - Remote
View on infosec-jobs.com

Threat Intelligence Librarian

@ Microsoft | Cheltenham, Gloucestershire, United Kingdom
View on infosec-jobs.com

Cyber Content Operations Manager - Remote in UK

@ Immersive Labs | United Kingdom
View on infosec-jobs.com

(Junior) Security Engineer (m/w/d)

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Cyber Security

@ Necurity Solutions | Bengaluru, Karnataka, India
View on infosec-jobs.com
View more jobs