研究人员发现，通过将隐藏指令植入代码注释、提交信息和合并请求描述中，可以诱骗GitLab的AI编程助手Duo向用户显示恶意内容并泄露私有源代码。这款AI助手会解析来自公共代码库的注释、源代码、合并请求描述和提交信息中的恶意AI提示，导致其向用户推荐 ...

Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...

GitLab 18.8 带来多项新功能，包括 GitLab Duo Planner Agent、GitLab Duo Security Analyst Agent、自动忽略不相关漏洞等。随着本次发布，用于帮助组织统一编排 AI 代理的 GitLab Duo Agent Platform 正式达到全面可用（General Availability，GA）状态。 GitLab 表示，GitLab ...

Marketers promote AI-assisted developer tools as workhorses that are essential for today’s software engineer. Developer platform GitLab, for instance, claims its Duo chatbot can “instantly generate a ...

IT之家 7 月 22 日消息，GitLab 宣布旗下 AI 协作平台 GitLab Duo 正式开启公测，该平台主要提供一系列 AI Agent 帮助程序员开发软件流程，号称全方位覆盖“需求规划、代码编写、测试部署”三大阶段，开发者可直接通过 VS Code、JetBrains 系列 IDE 与相应 AI Agent 互动。

A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...

The update brings added support for GitHub Copilot Free, Amazon Q, Tabnine, Blackbox, GitLab Duo, Supermaven, and Sourcegraph Cody. Prompt Security also now scans for vulnerable output in the AI code ...

GitLab GTLB recently announced updates to GitLab Duo, including the beta of GitLab Duo Chat, which will be available in the GitLAb 16.6 November product release. GitLab Duo increases team ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...