An old vulnerability (CVE-2021-22205) is being actively exploited for controlling on-premise Gitlab servers, Rapid7 researcher Jacob Baines remarks. What makes it worse is at least half of the 60,000 internet-facing GitLab installations the company has identified remains unpatched for the vulnerability. Damian Menschen, a security reliability engineer in charge of DDoS defense at Google, commented, … Continue reading Unpatched GitLab servers vulnerable