GitLab Fixes Vulnerabilities Allowing Account Takeover

GitLab has fixed vulnerabilities that allowed the takeover of accounts. These vulnerabilities include CVE-2025-30123, a critical security flaw in the authentication mechanism. Additionally, a threat model for cloud service providers has been developed, identifying specific risks associated with the use of services such as AWS, Azure, and GCP. Furthermore, outages have affected GCP and CloudFlare, resulting in service disruptions for many users. The outages lasted several hours and impacted various cloud services.