Also, if you had 2FA enabled, you're pretty much safe.
I had it enabled on my account, but some users on my server did not. That has now changed. Fortunately, we weren't exploited.
Serious CVE in GitLab.
Update ASAP if you are running an instance.
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html
Also, if you had 2FA enabled, you're pretty much safe.
I had it enabled on my account, but some users on my server did not. That has now changed. Fortunately, we weren't exploited.
