Artificial Intelligence Critical Nvidia Security Flaw Exposes Cloud AI Systems to Host Takeover Nvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10. Ryan NaraineSeptember 26, 2024
Cybersecurity Funding Kubernetes Container Isolation Startup Edera Raises $5 Million Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads. Ionut ArghireSeptember 20, 2024
Cloud Security Azure Kubernetes Services Vulnerability Exposed Sensitive Information A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters. Ionut ArghireAugust 21, 2024
Malware & Threats OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments. Eduard KovacsApril 19, 2024
Cloud Security Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters. Ryan NaraineApril 9, 2024
Cloud Security Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints A high-severity Kubernetes vulnerability tracked as CVE-2023-5528 can be exploited to execute arbitrary code on Windows endpoints. Ionut ArghireMarch 14, 2024
Cloud Security Orca Flags Dangerous Google Kubernetes Engine Misconfiguration Attackers could take over a Kubernetes cluster if access privileges are granted to all authenticated users in Google Kubernetes Engine. Ionut ArghireJanuary 24, 2024
Cloud Security Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover Two flaws in Google Kubernetes Engine could be exploited to escalate privileges and take over the Kubernetes cluster. Ionut ArghireDecember 29, 2023
Cloud Security Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking... Ryan NaraineNovember 22, 2023
Cloud Security Kubernetes Vulnerability Leads to Remote Code Execution A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster. Ionut ArghireSeptember 14, 2023
Cloud Security Attackers Abuse Kubernetes RBAC to Deploy Persistent Backdoor Threat actors have been observed abusing Kubernetes RBAC to create backdoors and hijack cluster resources for cryptocurrency mining. Ionut ArghireApril 24, 2023