Security News

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover
2024-03-14 11:59

Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific...

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
2024-01-24 14:25

Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a...

Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service
2023-12-28 13:20

Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An...

5 open-source tools for pentesting Kubernetes you should check out
2023-12-06 05:00

Kubernetes has become a critical part of the infrastructure for many organizations. With its widespread adoption, Kubernetes environments have also become a target for cyber threats.

Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
2023-11-24 06:44

Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration...

k0smotron: Open-source Kubernetes cluster management
2023-11-14 04:30

Open-source solution k0smotron is enterprise-ready for production-grade Kubernetes cluster management with two support options. The k0smotron operator is deployed onto an existing Kubernetes cluster, designated as the management cluster similar to a "Mothership," that orchestrates and provides control plane services on demand.

Kubernetes adoption creates new cybersecurity challenges
2023-11-13 04:30

84% of security and IT leaders believe that Kubernetes will soon be the main platform used to develop all applications. Amid the rush to transition to these modern environments, many development teams are putting security on the back burner, creating new risks and opportunities for nefarious cybercriminals.

Organizations lack the skills and headcount to manage Kubernetes
2023-11-10 04:00

The Kubernetes industry is undergoing rapid change and evolution due to the growth of edge computing, the acceleration of AI, and the pressing need to modernize Kubernetes management in response to increasing technology scale and complexity, according to Spectro Cloud. Production Kubernetes deployments usually include multiple clusters across multiple kinds of infrastructure, using multiple distributions, with multiple software in the associated stacks.

Aqua Trivy open-source security scanner now finds Kubernetes security risks
2023-11-08 05:30

The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk.

Kubescape 3.0 elevates open-source Kubernetes security
2023-11-07 05:30

Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Reporting on the vulnerabilities of all the images in a cluster: This provides a comprehensive view of the security posture of all the images in a cluster and helps organizations prioritize remediation efforts.