Misconfigured Apache Pinot instances can and have enabled threat actors to gain access to sensitive information.
The post Microsoft Warns of Attackers Exploiting Misconfigured Apache Pinot Installations appeared first on SecurityWeek.
Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation
The cash infusion brings Chainguard’s total funding to about $612 million since launching in 2021 and prices the company at $3.5 billion.
The post Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation appeared first on SecurityWeek.
IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking
Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.
The post IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek.
Edera Banks $15M for Kubernetes Workload Isolation Tech
Seattle startup building technology to mitigate lateral movement and block “living off the land” techniques wins interest from investors.
The post Edera Banks $15M for Kubernetes Workload Isolation Tech appeared first on SecurityWeek.
Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover
Nvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10.
The post Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover appeared first on SecurityWeek.
Kubernetes Container Isolation Startup Edera Raises $5 Million
Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads.
The post Kubernetes Container Isolation Startup Edera Raises $5 Million appeared first on SecurityWeek.
Azure Kubernetes Services Vulnerability Exposed Sensitive Information
A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.
The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek.
OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining
Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments.
The post OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining appeared first on SecurityWeek.
Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers
Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters.
The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek.
Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints
A high-severity Kubernetes vulnerability tracked as CVE-2023-5528 can be exploited to execute arbitrary code on Windows endpoints.
The post Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints appeared first on SecurityWeek.
