GitLab servers are being exploited in DDoS attacks (The Record)
GitLab servers are being exploited in DDoS attacks (The Record)
[Security] Posted Nov 5, 2021 2:27 UTC (Fri) by corbet
The Record is reporting on massive exploitation of an oldish vulnerability in GitLab instances.
While the purpose of these attacks remained unclear for HN Security, yesterday, Google’s Menscher said the hacked servers were part of a botnet comprising of “thousands of compromised GitLab instances” that was launching large-scale DDoS attacks.
The vulnerability was fixed in April, but evidently a lot of sites have not updated.