Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The additional bad news is that at least half of the 60,000 internet-facing GitLab installations the company detects are not patched against this issue. What are the attackers doing with these servers? Damian Menscher, a security reliability engineer responsible for DDoS defense at Google, says that some of them are used to generate DDoS attacks: A … More ? The post Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205 appeared first on Help Net Security .

View the original here:
Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205