April 30, 2024 at 01:33PM JFrog researchers discovered large-scale malicious campaigns targeting Docker Hub, where 3.2 million repositories hosted spam, malware, and phishing content. Analyzing three years of activity, they identified 4.6 million imageless repositories, with 2.9 million used in the campaigns. The repositories were unusable but contained malicious payloads, including trojans and scams. All … Read more
April 19, 2024 at 05:57AM Cybercriminals are exploiting critical OpenMetadata vulnerabilities to access Kubernetes environments and deploy cryptocurrency mining malware, Microsoft warned. Five vulnerabilities, including an authentication bypass and high-severity issues, have been identified. Threat actors target internet-exposed Kubernetes workloads of OpenMetadata, achieve code execution, and download cryptomining-related malware. Microsoft advises updating OpenMetadata to version … Read more
April 18, 2024 at 02:15AM Microsoft Threat Intelligence team has observed threat actors exploiting vulnerabilities in the OpenMetadata platform to access Kubernetes workloads for cryptocurrency mining. These flaws, discovered by Alvaro Muñoz, enable authentication bypass and code execution. Threat actors conduct reconnaissance activities, establish command-and-control communications, and deploy crypto-mining malware. Users are urged to update … Read more
April 17, 2024 at 05:07PM Attackers are actively targeting Kubernetes OpenMetadata workloads by exploiting multiple security vulnerabilities (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848, and CVE-2024-28254), which were patched on March 15 in OpenMetadata versions 1.2.4 and 1.3.1. Microsoft reports that the attackers download cryptomining-related malware from a remote server, gaining remote access and establishing persistent control. Admins … Read more
February 4, 2024 at 10:39AM “Leaky Vessels” vulnerabilities were discovered by Snyk security researcher, allowing hackers to escape containers and access underlying system data. No active exploitation was found, but impacted parties are advised to apply available security updates promptly. The flaws affected runc and Buildkit, impacting Docker, Kubernetes, and more. Patched versions were released … Read more
January 31, 2024 at 05:27PM Researchers uncovered four vulnerabilities in container engine components called “Leaky Vessels,” with one impacting runC and three impacting BuildKit in Docker environments. The most urgent vulnerability, CVE-2024-21626, enables container escape, potentially compromising host systems. Snyk advises updating affected components promptly. Container vulnerabilities are increasingly concerning, with high-profile cases indicating inadequate … Read more
January 31, 2024 at 03:40PM Multiple security vulnerabilities in the runC command line tool have been disclosed, known as Leaky Vessels. These vulnerabilities could allow threat actors to escape container boundaries and launch further attacks, potentially accessing sensitive data and superuser privileges. The flaws have been addressed in runC version 1.1.12, and users are advised … Read more
January 25, 2024 at 11:55AM A loophole in Google Kubernetes Engine (GKE) authentication allows external attackers with Google accounts to access private Kubernetes clusters, posing serious security risks. Orca Security discovered the issue, named Sys:All, which grants unauthorized access by mistakenly binding overly permissive roles to the “system:authenticated” group. Google has taken steps to mitigate … Read more
January 16, 2024 at 05:23PM GitHub resolved vulnerabilities enabling attackers to access credentials in production containers by patching CVE-2024-0200. The update applies to GitHub Enterprise Server versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. While potential exploitation requires an organization owner role, GitHub rotated exposed credentials and urges swift security update installation. Additionally, a command injection vulnerability … Read more
January 3, 2024 at 03:59PM Aqua Security, a cloud native security platform company, has secured a $60 million extended Series E funding round, valuing the firm at over $1 billion. Led by Evolution Equity Partners, it saw participation from Insight Partners, Lightspeed Venture Partners, and StepStone Group. Aqua Security offers technology to enhance security for … Read more