Contrast Security’s Application Detection and Response Honored as Finalist of the 2025 SC Awards
Contrast Security, Inc. is proud to announce that it has been named a finalist in the prestigious 2025 SC Awards. Contrast Application Detection and Response has been recognized in the Best Threat Detection Technology category, underscoring its commitment to excellence and leadership in the cybersecurity industry. The SC Awards, now in its 28th year, recognize the solutions, organizations, and individuals that have demonstrated outstanding achievement in advancing the security of information systems.
GitLab Fixes Security Flaw That Lets Attackers Run Pipeline Jobs
Contrast Security CISO David Lindner said this vulnerability is something administrators need to take notice of, and heed GitLab’s advice to upgrade immediately.
“This is REALLY bad, as it effectively turns off access controls for running pipelines, which is the lifeblood of moving software from development to production,” Lindner wrote in an email. “This vulnerability could allow unauthorized users to execute pipeline jobs as any other user, which in turn could enable attackers to run malicious code, access sensitive data and compromise software integrity.”
Unauthorized content alteration bug found in NSA platform
The U.S. National Security Agency's open-source SkillTree training platform on GitHub has been impacted by a medium severity cross-site request forgery vulnerability, tracked as CVE-2024-39326, which could be leveraged to facilitate unauthorized modifications of training content, SiliconAngle reports.
GitLab patches 2nd critical pipeline vulnerability in last month
The critical vulnerabilities CVE-2024-6385 and CVE-2024-5655 could put developers’ projects at risk by enabling attackers to “run malicious code, access sensitive data and compromise software integrity,” Contrast Security CISO David Lindner told SC Media.
“This is REALLY bad, as it effectively turns off access controls for running pipelines, which is the lifeblood of moving software from development to production,” Lindner sai
04/09/2025
04/02/2025
03/11/2025
