Kubernetes Vulnerability

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk Oct 17, 2024Ravie LakshmananVulnerability / Kubernetes A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: Read more…

Enterprise Server

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access Oct 16, 2024Ravie LakshmananEnterprise Security / Vulnerability GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a Read more…

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said Read more…