Security News
Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific...
Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a...
Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An...
Kubernetes has become a critical part of the infrastructure for many organizations. With its widespread adoption, Kubernetes environments have also become a target for cyber threats.
Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration...
Open-source solution k0smotron is enterprise-ready for production-grade Kubernetes cluster management with two support options. The k0smotron operator is deployed onto an existing Kubernetes cluster, designated as the management cluster similar to a "Mothership," that orchestrates and provides control plane services on demand.
84% of security and IT leaders believe that Kubernetes will soon be the main platform used to develop all applications. Amid the rush to transition to these modern environments, many development teams are putting security on the back burner, creating new risks and opportunities for nefarious cybercriminals.
The Kubernetes industry is undergoing rapid change and evolution due to the growth of edge computing, the acceleration of AI, and the pressing need to modernize Kubernetes management in response to increasing technology scale and complexity, according to Spectro Cloud. Production Kubernetes deployments usually include multiple clusters across multiple kinds of infrastructure, using multiple distributions, with multiple software in the associated stacks.
The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk.
Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Reporting on the vulnerabilities of all the images in a cluster: This provides a comprehensive view of the security posture of all the images in a cluster and helps organizations prioritize remediation efforts.