Cybersecurity Researchers Uncover Vulnerability in GitLab Duo AI Assistant

Cybersecurity researchers have discovered an indirect prompt injection vulnerability in GitLab's Duo AI assistant, which could have allowed attackers to steal source code and inject untrusted HTML into its responses, thereby redirecting victims to malicious websites. GitLab Duo is an AI-powered coding assistant that helps users write code.