Kubernetes Archives • Daily CyberSecurity

GitOps Security Breach: Critical 9.6 CVSS Argo CD Flaw Exposes Plaintext Kubernetes Secrets Argo CD Secret Leak CVE-2026-42880 CVE-2024-28175 Argo CD DoS, Webhook Flaws

Argo CD Secret Leak CVE-2026-42880 CVE-2024-28175 Argo CD DoS, Webhook Flaws

GitOps Security Breach: Critical 9.6 CVSS Argo CD Flaw Exposes Plaintext Kubernetes Secrets

Do Son May 6, 2026

Argo CD, the leading GitOps continuous delivery tool for Kubernetes, has issued a high-priority patch for a...

The “Mini Shai-Hulud” Attack Hijacking SAP Developer Pipelines SAP Supply Chain Attack Mini Shai-Hulud Malware

The “Mini Shai-Hulud” Attack Hijacking SAP Developer Pipelines

Do Son April 29, 2026

Security researchers have sounded the alarm on a precision-targeted supply-chain compromise striking the SAP developer ecosystem. The...

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference Xinference Supply Chain Attack TeamPCP

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference

Do Son April 23, 2026

The Python ecosystem is reeling from a sophisticated supply chain attack targeting Xinference (Xorbits Inference), a widely...

CVE-2026-4370 (CVSS 10): Critical Juju Flaw Grants Attackers Total Infrastructure Control

Do Son April 3, 2026

The cybersecurity community is on high alert following the discovery of a critical security flaw in Juju,...

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors

Do Son March 31, 2026

A critical security boundary in Kubernetes environments has been compromised. A new vulnerability note from CERT/CC has...

Critical libfuse io_uring Vulnerabilities Threaten Linux and Kubernetes Infrastructure libfuse vulnerability io_uring exploit

Critical libfuse io_uring Vulnerabilities Threaten Linux and Kubernetes Infrastructure

Do Son March 30, 2026

The FUSE (Filesystem in Userspace) project, a staple of the Linux ecosystem that allows non-privileged users to...

Critical 9.4 CVSS Flaw Exposes Harbor Registries to Total Hijack Harbor Registry Supply Chain Attack

Critical 9.4 CVSS Flaw Exposes Harbor Registries to Total Hijack

Do Son March 25, 2026

The CERT Coordination Center (CERT/CC) has issued a critical security warning regarding GoHarbor’s Harbor, a widely used...

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers LiteLLM PyPI Supply Chain Attack

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers

Do Son March 25, 2026

A relentless cyber-espionage campaign has expanded its reach into the heart of the AI development ecosystem. Security...

Suspected North Korean Actors Target the Cryptocurrency Supply Chain AWS Kill Chain React2Shell

Suspected North Korean Actors Target the Cryptocurrency Supply Chain

Do Son March 5, 2026

Cybersecurity researchers at Ctrl-Alt-Intel have released a detailed investigation into a systematic campaign targeting the heart of...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-62878: Critical 10.0 Vulnerability Found in Kubernetes Local Path Provisioner

Do Son February 9, 2026

A maximum-severity vulnerability has been uncovered in a core Kubernetes storage component, leaving nodes wide open to...

Silent Leak: High-Severity Rancher CLI Flaw Exposes Admin Credentials CVE-2024-52281 Rancher CLI Vulnerability CVE-2025-67601

Silent Leak: High-Severity Rancher CLI Flaw Exposes Admin Credentials

Do Son February 4, 2026

For DevOps teams managing Kubernetes clusters at scale, the Rancher CLI is a vital tool. But a...

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets

Do Son February 3, 2026

For Kubernetes administrators, the Ingress-Nginx controller is the trusted gatekeeper, routing traffic from the wild internet to...

The Open Door: Critical 9.8 Severity Flaw in Harvester Lets Hackers Hijack New Servers Harvester HCI, CVE-2025-62877

The Open Door: Critical 9.8 Severity Flaw in Harvester Lets Hackers Hijack New Servers

Do Son January 6, 2026

Harvester, the open-source hyperconverged infrastructure (HCI) solution built on Kubernetes, has hit a critical bug. A new...

Kubernetes Alert: Headlamp Flaw (CVE-2025-14269) Lets Unauthenticated Users Hijack Helm Clusters Headlamp Kubernetes, Helm Credential Hijack

Kubernetes Alert: Headlamp Flaw (CVE-2025-14269) Lets Unauthenticated Users Hijack Helm Clusters

Do Son December 19, 2025

A high-severity vulnerability has been discovered in Headlamp, a popular extensible web UI for Kubernetes, potentially allowing...

Critical OpenShift GitOps Flaw Risks Cluster Takeover (CVE-2025-13888) via Privilege Escalation to Root WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Critical OpenShift GitOps Flaw Risks Cluster Takeover (CVE-2025-13888) via Privilege Escalation to Root

Do Son December 16, 2025

A critical vulnerability has been uncovered in Red Hat OpenShift GitOps, exposing Kubernetes clusters to a complete...

The “USB-C of AI” is Here: Google Launches Managed Servers for MCP Protocol Google MCP Protocol, Agentic AI Managed Servers Google Cloud Meta Google Cloud UniSuper

Google MCP Protocol, Agentic AI Managed Servers Google Cloud Meta Google Cloud UniSuper

The “USB-C of AI” is Here: Google Launches Managed Servers for MCP Protocol

Do Son December 12, 2025

Following the Linux Foundation’s establishment of the Agentic AI Foundation (AAIF) and its designation of the Model...

OCI Fixes Container Escape Vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) runc Container Escape, Mount Race Condition

OCI Fixes Container Escape Vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881)

Do Son November 7, 2025

The Open Container Initiative (OCI) has released security updates to address three high-severity vulnerabilities affecting its container...

Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables NeuVector Critical RCE, Command Injection

NeuVector Critical RCE, Command Injection

Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables

Do Son October 23, 2025

The SUSE Rancher Security team has issued a critical advisory addressing a command injection and buffer overflow...

DoS Flaws in Argo CD: Unauthenticated Attackers Can Crash Kubernetes Server with Single Request Argo CD Secret Leak CVE-2026-42880 CVE-2024-28175 Argo CD DoS, Webhook Flaws

DoS Flaws in Argo CD: Unauthenticated Attackers Can Crash Kubernetes Server with Single Request

Do Son October 2, 2025

The Argo CD project has released patches addressing several denial-of-service (DoS) vulnerabilities that could allow attackers to...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CVE-2025-10725 (CVSS 9.9): Red Hat OpenShift AI Privilege Escalation Flaw Could Lead to Full Cluster Compromise

Do Son October 1, 2025

The Red Hat Security team has disclosed a serious vulnerability in Red Hat OpenShift AI, a platform...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Kubernetes

The “Mini Shai-Hulud” Attack Hijacking SAP Developer Pipelines

Critical libfuse io_uring Vulnerabilities Threaten Linux and Kubernetes Infrastructure

CVE-2025-62878: Critical 10.0 Vulnerability Found in Kubernetes Local Path Provisioner

Silent Leak: High-Severity Rancher CLI Flaw Exposes Admin Credentials

The Open Door: Critical 9.8 Severity Flaw in Harvester Lets Hackers Hijack New Servers

Kubernetes Alert: Headlamp Flaw (CVE-2025-14269) Lets Unauthenticated Users Hijack Helm Clusters

Critical OpenShift GitOps Flaw Risks Cluster Takeover (CVE-2025-13888) via Privilege Escalation to Root

The “USB-C of AI” is Here: Google Launches Managed Servers for MCP Protocol

OCI Fixes Container Escape Vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881)

Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables

DoS Flaws in Argo CD: Unauthenticated Attackers Can Crash Kubernetes Server with Single Request

CVE-2025-10725 (CVSS 9.9): Red Hat OpenShift AI Privilege Escalation Flaw Could Lead to Full Cluster Compromise