Security News

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
2025-05-28 05:00

Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes...

Kubernetes has grown up: From testbed to critical infrastructure
2025-05-15 05:00

In this Help Net Security video, Divya Mohan, Principal Technology Advocate at SUSE, discusses how Kubernetes has firmly transitioned from an emerging technology into a core part of enterprise...

Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
2025-05-06 11:05

Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data. "While these...

Microsoft finds default Kubernetes Helm charts can expose data
2025-05-05 19:17

Microsoft warns about the security risks posed by default configurations in Kubernetes deployments, particularly those using out-of-the-box Helm charts, which could publicly expose sensitive data. [...]

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover
2025-03-25 16:53

Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over Kubernetes clusters. “Based...

Public-facing Kubernetes clusters at risk of takeover thanks to Ingress-Nginx flaw
2025-03-25 03:12

How many K8s systems are sat on the internet front porch like that ... Oh, thousands, apparently Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller...

Don't want your Kubernetes Windows nodes hijacked? Patch this hole now
2025-01-24 15:00

SYSTEM-level command injection via API parameter *chef's kiss* A now-fixed command-injection bug in Kubernetes can be exploited by a remote attacker to gain code execution with SYSTEM privileges...

Proton worldwide outage caused by Kubernetes migration, software change
2025-01-10 15:55

Swiss tech company Proton, which provides privacy-focused online services, says that a Thursday worldwide outage was caused by an ongoing infrastructure migration to Kubernetes and a software...

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
2024-12-31 04:35

Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to...

How isolation technologies are shaping the future of Kubernetes security
2024-10-28 05:30

In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies. Long shares insights on...