Kubernetes Archives • Cybersecurity News

CVE-2024-52281: Rancher Vulnerability Exposes Users to Stored XSS Attacks

do son January 16, 2025

A severe vulnerability (CVE-2024-52281) has been discovered in Rancher, an open-source container management platform widely used for...

Exploiting Misconfigurations in Argo Workflows for Kubernetes Cluster Takeover CVE-2024-28175

Exploiting Misconfigurations in Argo Workflows for Kubernetes Cluster Takeover

do son January 6, 2025

Argo Workflows, a widely-used open-source tool for orchestrating workflows in Kubernetes, has become a valuable asset for...

OpenAI Services Hit by Major Outage Due to Telemetry Service Deployment OpenAI Major Outage

OpenAI Services Hit by Major Outage Due to Telemetry Service Deployment

do son December 15, 2024

OpenAI experienced a significant service disruption on December 11, 2024, impacting all its services, including ChatGPT, the...

CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution

do son November 20, 2024

A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of...

CVE-2024-9693: GitLab Issues Critical Patch for Kubernetes Agent

do son November 13, 2024

GitLab has released a critical security update addressing a high-severity vulnerability that could grant unauthorized access to...

CVE-2024-9486 (CVSS 9.8): Kubernetes Image Builder Flaw Exposes VMs to Root Access CVE-2024-9486 & CVE-2024-9594 - Kubernetes Image Builder

CVE-2024-9486 (CVSS 9.8): Kubernetes Image Builder Flaw Exposes VMs to Root Access

do son October 15, 2024

The Kubernetes Security Response Committee has disclosed two security vulnerabilities (CVE-2024-9486 and CVE-2024-9594) in the Kubernetes Image...

New Malware Campaign Mines Crypto in Docker & Kubernetes Docker Swarm

New Malware Campaign Mines Crypto in Docker & Kubernetes

do son September 25, 2024

Datadog Security Research has uncovered a new and widespread malware campaign targeting Docker and Kubernetes environments, where...

CVE-2024-7646: A Threat to Kubernetes Clusters Running ingress-nginx

do son August 18, 2024

A newly discovered security vulnerability, CVE-2024-7646, has been identified in the widely used ingress-nginx controller for Kubernetes,...

Unpatched Kubernetes Flaw Leaves Clusters Open to Exploitation: Researcher Unveils Command Injection Vulnerability

do son August 15, 2024

Akamai researcher Tomer Peled has uncovered a concerning design flaw within Kubernetes’ git-sync project. This flaw could...

Evolving Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters

do son June 9, 2024

In a recent investigation by cybersecurity researchers Avigayil Mechtinger, Shay Berkovich, and Gili Tikochinski at Wiz Research,...

CVE-2024-31989: Critical Argo CD Flaw Exposes Kubernetes Clusters to Takeover

do son May 22, 2024

Argo CD, a popular GitOps continuous delivery tool for Kubernetes, has disclosed a critical security vulnerability (CVE-2024-31989,...

The Trio of Unpatched Flaws in NGINX Ingress Controller for Kubernetes CVE-2023-5043

The Trio of Unpatched Flaws in NGINX Ingress Controller for Kubernetes

do son October 31, 2023

Cybersecurity experts have identified three critical, unpatched vulnerabilities in the NGINX Ingress traffic controller. These flaws could...

k0otkit: universal post-penetration technique in penetrations against Kubernetes clusters Kubernetes penetrations

k0otkit: universal post-penetration technique in penetrations against Kubernetes clusters

do son May 16, 2022

k0otkit – Manipulate K8s in a K8s way k0otkit is a universal post-penetration technique which could be...