Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks
April 17, 2024 at 05:07PM Attackers are actively targeting Kubernetes OpenMetadata workloads by exploiting multiple security vulnerabilities (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848, and CVE-2024-28254), which were patched on March 15 in OpenMetadata versions 1.2.4 and 1.3.1. Microsoft reports that the attackers download cryptomining-related malware from a remote server, gaining remote access and establishing persistent control. Admins … Read more