Kubernetes Security Archives • Daily CyberSecurity

Unauthenticated Execution Threatens Kubernetes Clusters critical Fission router vulnerability

Unauthenticated Execution Threatens Kubernetes Clusters

Ddos May 27, 2026

Security researchers have uncovered a severe flaw in a popular open-source serverless platform. Specifically, the newly discovered...

Cloud Under Siege: Persistent P2Pinfect Botnet Activity Discovered in Kubernetes Environments

Ddos May 24, 2026

Security researchers have discovered a stealthy cloud threat hiding inside enterprise cloud environments. Specifically, FortiGuard Labs recently...

Kubernetes Alert: 9.4 Severity RCE in CloudNativePG Enables PostgreSQL Superuser Takeover CloudNativePG RCE Vulnerability CVE-2026-44477

Kubernetes Alert: 9.4 Severity RCE in CloudNativePG Enables PostgreSQL Superuser Takeover

Ddos May 15, 2026

In a critical discovery for Kubernetes-based database environments, researchers have unveiled a severe privilege escalation and Remote...

Critical 9.9 CVSS Rancher Fleet Flaw Grants Full Cluster-Admin Access Rancher, GitOps Rancher Fleet Critical Vulnerability CVE-2026-41050

Critical 9.9 CVSS Rancher Fleet Flaw Grants Full Cluster-Admin Access

Ddos May 8, 2026

The SUSE Rancher Security team has issued a high-priority advisory regarding a pair of vulnerabilities in Fleet,...

Rancher Flaw Allows Malicious Plugins to Hijack Kubernetes Clusters Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher Flaw Allows Malicious Plugins to Hijack Kubernetes Clusters

Ddos May 5, 2026

The SUSE Rancher Security team has issued an urgent advisory regarding a high-severity vulnerability in Rancher, the...

Encryption Bypasses and Kubernetes Token Leaks Hit Apache Tomcat CVE-2023-45648 Apache Tomcat Security Encryption Bypass

Encryption Bypasses and Kubernetes Token Leaks Hit Apache Tomcat

Ddos April 13, 2026

Apache Tomcat, the open-source backbone for millions of Java-based web applications, has been hit by a wave...

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets CVE-2024-9042 ingress-nginx Vulnerability CVE-2026-4342

High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets

Ddos March 20, 2026

A high-severity security flaw has been identified in ingress-nginx, a widely used Ingress controller for Kubernetes clusters....

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure ingress-nginx Vulnerability CVE-2026-3288

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure

Ddos March 10, 2026

A critical security vulnerability has been identified in ingress-nginx, the widely used Ingress controller for Kubernetes. Tracked...

VoidLink Rising: New “AI-Ready” Malware Framework Targets Linux & IoT VoidLink Framework UAT-9921 Russian hacking group

VoidLink Rising: New “AI-Ready” Malware Framework Targets Linux & IoT

Ddos February 12, 2026

A new and sophisticated threat actor has emerged from the shadows, wielding a modular attack framework designed...

Cluster Admin for All: Critical Kyverno Flaw (CVSS 10) Shatters Isolation Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

Cluster Admin for All: Critical Kyverno Flaw (CVSS 10) Shatters Isolation

Ddos January 30, 2026

The maintainers of Kyverno, a popular Kubernetes-native policy engine, have released an urgent security update to address...

CVE-2026-22822: Critical Flaw in External Secrets Operator Breaks Namespace Isolation External Secrets Operator CVE-2026-22822

CVE-2026-22822: Critical Flaw in External Secrets Operator Breaks Namespace Isolation

Ddos January 23, 2026

A critical security vulnerability has been discovered in the External Secrets Operator, a widely used Kubernetes tool...

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers

Ddos January 14, 2026

A new, highly sophisticated malware framework has emerged from the shadows, specifically engineered to infest the modern...

CRITICAL: Fluent Bit Flaws Enable RCE and Telemetry Tampering in Major Orgs Fluent Bit, Telemetry Agent

CRITICAL: Fluent Bit Flaws Enable RCE and Telemetry Tampering in Major Orgs

Ddos November 25, 2025

Oligo Security researchers have uncovered a dangerous chain of vulnerabilities in Fluent Bit, the popular, lightweight telemetry...

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability Rancher CVE-2024-22031 Privilege Escalation

Rancher Releases Patch for CVE-2024-22031 Privilege Escalation Vulnerability

Ddos April 30, 2025

The SUSE Rancher Security Team has issued a security advisory regarding a newly disclosed vulnerability affecting multiple...