eWeek

Duo Security Discloses SAML Single Sign On Vulnerabilities

eSpeaks' Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
CSOonline

SAML authentication broken almost beyond repair

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...
Dark Reading

GitLab Warns of Max Severity Authentication Bypass Bug

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.
heise online

Critical SAML login vulnerability with maximum score jeopardizes Gitlab server

Admins of self-hosted Gitlab instances should update their servers quickly. Due to a"critical" security vulnerability, access may be possible without logging in. In a warning message, the developers ...
heise online

Security vulnerabilities: Gitlab developers advise rapid update

According to a warning message, two vulnerabilities (CVE-2025-25291, CVE-2025-25292) are considered “critical”. However, systems are only vulnerable if authentication via SAML SSO is active and ...