kubernetes
-
AI isn’t a foreign idea for many businesses today. With the right tools, platforms and team, useful business implementations of AI and machine learning can grow as an extension of a company’s current infrastructure. For Mastercard, a deep understanding of data science was already built into the globe-spanning payments company. Alexander Hughes, director of software…
-
In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining. The dynamic and complex nature of containerized environments poses significant challenges for security teams in detecting runtime anomalies or identifying the source of breaches. Rising Threats in Containerized Environments: According to Microsoft’s…
-
The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. Microsoft Threat Intelligence has observed threat actors taking advantage of unsecured workload identities to gain access to resources, including containerized environments. Microsoft data…
-
Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by law.
-
A vulnerability has been found in Kubernetes ingress-nginx up to 1.11.4/1.12.0 and classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper isolation or compartmentalization. This vulnerability is known as CVE-2025-1974. The attack can be launched remotely. Furthermore, there is an exploit available.
-
Kubernetes container scanners are essential tools for ensuring the security of containerized applications and Kubernetes clusters. These scanners analyze vulnerabilities, misconfigurations, and compliance issues within container images, Kubernetes manifests, and runtime environments. Popular tools like Kube Bench focus on compliance by auditing Kubernetes clusters against CIS benchmarks, while Checkov excels at scanning Infrastructure-as-Code (IaC) configurations…
-
A recently discovered set of vulnerabilities, dubbed “IngressNightmare,” was found in Ingress NGINX Controller, exposing clusters to unauthenticated remote code execution (RCE). Kubernetes dominates container orchestration, but its prominence has made it a target for exploitation. In Kubernetes, Ingress serves as a sophisticated traffic management system, enabling external access to internal services. It comprises two core…
-
Wiz recently published a detailed analysis of a critical vulnerability in the NGINX Ingress admission controller—what they’ve dubbed IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24514). The vulnerability stems from insufficient input validation during configuration file processing, allowing an attacker to inject arbitrary code into the NGINX process. Wiz’s writeup is excellent and covers the technical nuances thoroughly,…
-
Certified Kubernetes Security Specialist (CKS) — Part 2 — Runtime Security with Falco. Introduction: This is the second post in a series related to the Certified Kubernetes Security Specialist (CKS) certification I achieved recently. In the previous part we discussed my preparation, the exam attempts themselves, the hurdles, lessons learned and key takeaways. Now we will take a deeper dive into the…
-
The increasing complexity of Kubernetes environments presents unique security challenges, particularly regarding lateral movement attacks. Honeypots offer a strategic advantage in detecting and preventing these threats by acting as decoy systems that appear legitimate to attackers but are actually isolated and heavily monitored. Kubernetes environments are particularly vulnerable to lateral movement due to their distributed nature,…
-
Written by: Ferdi Gül. We can say that March has been one of the critical months in terms of vulnerabilities. In addition to the critical vulnerabilities this month, another major topic in the news this week was the Oracle data breach. You can read the article we shared yesterday on this topic: “Oracle Cloud Breach:…
-
A series of critical security vulnerabilities has been discovered in the Ingress-NGINX Controller for Kubernetes, posing a significant… The post “Researcher Drops PoC for 9.8 CVSS Ingress-NGINX CVE-2025-1974 Flaw in Kubernetes” appeared first on Cybersecurity News.
-
23andMe data privacy concerns, NGINX flaw could expose K8s secrets, CrowdStrike’s 2025 partner awards and more.
-
Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes. The post IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek.
-
A vulnerability has been found in Kubernetes ingress-nginx up to 1.11.4/1.12.0 and classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper isolation or compartmentalization. This vulnerability is known as CVE-2025-1974. The attack can be launched remotely. There is no exploit available.
-
A vulnerability, which was classified as very critical, was found in Kubernetes ingress-nginx up to 1.11.4/1.12.0. Affected is an unknown function of the component Ingress Annotation Handler. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2025-1098. It is possible to launch the attack remotely. There is no exploit available.
-
A vulnerability, which was classified as very critical, has been found in Kubernetes ingress-nginx up to 1.11.4/1.12.0. This issue affects some unknown processing of the component auth-tls-match-cn Ingress Annotation. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2025-1097. The attack may be initiated remotely. There is no exploit available.