SEARCH
Archive
OpenMetadata Bugs Enable Kubernetes Cryptomining Attacks
Threat actors have been exploiting known vulnerabilities in open-source platform OpenMetadata in order to access Kubernetes workloads and use them for cryptomining.
Container Escape Flaw Fixed in CRI-O Runtime Engine
A critical container escape flaw in the CRI-O Kubernetes runtime engine has been patched.
Attackers Use Cloud Tool to Target Docker, Kubernetes
An attack group TeamTNT is using Weave Scope, an open source cloud monitoring and control tool to compromise Docker and Kubernetes instances as part of a cryptocurrency mining operation, security company Intezer said.
Kubernetes Launches Bug Bounty
Kubernetes has launched a public bug bounty program with support from Google.
HTTP Request Smuggling Bug in Go Affects Kubernetes
A flaw in the way Go handles some invalid HTTP headers could allow an attacker to authenticate as any user on a Kubernetes server in some instances.