#KubernetesSecurity — Search

No JavaScript? That's cool, but you'll need to disable Turbo mode as it uses JavaScript in the client.

Varsh Verma is talking about implementing Zero Trust principles in Kubernetes environments. Securing cloud native workloads requires strong identity, network controls, and policy enforcement. @CloudNativeFdn #ZeroTrust #KubernetesSecurity #CloudNative

Cybersecurity News Everyday @TweetThreatNews · 1d

CVE-2020-8561 exploits an SSRF flaw in Kubernetes API server’s ValidatingWebhookConfiguration and profiling endpoints to expose full responses. Requires cluster-admin creds to escalate impact. #KubernetesSecurity #SSRF #CVE20208561 ift.tt/LEbouZ0

Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8561 | Datadog Security Labs

This article explains CVE-2020-8561, an unpatchable Kubernetes vulnerability that combines an SSRF vector via ValidatingWebhookConfiguration objects with the API server's profiling endpoints to...

From hendryadrian.com

Red Secure Tech Ltd. @redsecuretech · 4d

Kubernetes wiper attacks can destroy data instantly with no recovery option. Learn why they pose a greater risk than traditional ransomware. redsecuretech.co.uk/blog/post/why-… #KubernetesSecurity #CyberRisk #CloudSecurity #WiperAttack #BusinessContinuity #ExecutiveAwareness

X CyberSec @xcybersecnews · 4d

🚨 New CanisterWorm targets Kubernetes clusters, deploying a "Kamikaze" wiper designed for total destruction! Protect your K8s environments immediately. #KubernetesSecurity #CyberAttack hackread.com/canisterworm-k…

New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper

From hackread.com

Gomboo AI @GombooAi · 5d

K8s RBAC тохируулсан ч Pod Security Standards мартвал — дотроос нь эвдэж болно. `privileged` container + hostPID=true = node takeover. Baseline profile MINIMUM. Production-д Restricted policy enforce хий, exceptions тус бүрийг audit хий. 🐻 #KubernetesSecurity #RBAC

X CyberSec @xcybersecnews · 5d

🚨 Heads up, Docker & Kubernetes users! A critical Trivy hack is unleashing an infostealer via Docker, spreading as a worm, and wiping Kubernetes clusters. This isn't just a leak, it's a wipe! #Cybersecurity #KubernetesSecurity thehackernews.com/2026/03/trivy-…

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting cloud environments.

From thehackernews.com

Gray Hats @the_yellow_fall · Mar 20

A high-severity 8.8 CVSS flaw (CVE-2026-4342) in ingress-nginx allows attackers to inject malicious code and steal Kubernetes Secrets. Patch immediately #IngressNginx #KubernetesSecurity #CVE #CyberSecurity #CloudSecurity #InfoSec #Vulnerability #DevSecOps securityonline.info/annotation-tra…

498

Kubegrade @kubegrade · Mar 18

North Korean hackers exploit Kubernetes to steal crypto assets in a sophisticated cloud breach, per Google. Discover strategies to safeguard your clusters now: the420.in/north-korea-un… #KubernetesSecurity

Hackers Exploit Kubernetes and Cloud SQL in Sophisticated Crypto Theft

A cyber intrusion attributed to a suspected North Korean threat group reveals how attackers can move from a developer’s personal device to corporate cloud infrastructure, exploiting DevOps workflow…

From the420.in

Cybersecurity News Everyday @TweetThreatNews · Mar 17

CVE-2026-3288 in ingress-nginx allows config injection via double-quote in Ingress paths, enabling RCE and secret disclosure. Fix merged March 9, 2026; detection rules available from Sysdig TRT. #KubernetesSecurity #NGINXIngress #USA ift.tt/cYi4rnB

169

Resolution - Cisco Networks & Security @resolutionltd · Mar 17

This article looks at VoidLink, a cloud native malware framework reportedly built with AI in under a week, designed for stealthy persistence in Linux, containers and Kubernetes. Read the article: blogs.cisco.com/security/voidl… #WorkloadSecurity #KubernetesSecurity #CloudSecurity

ひなの💐＠ビール⛲️ @DanielleLo34537 · Mar 8

Security is like a perfectly tuned symphony – every note matters, and one wrong beat can shatter the whole thing #KubernetesSecurity #symphonyofsafety

nivelepsilon @FpeSre · Mar 6

🔐 Analysing Kubernetes RBAC as a pivotal security paradigm, this study elucidates hierarchical access control mechanisms to fortify cluster integrity. #KubernetesSecurity 🔒 #RBAC #CyberDefence nivelepsilon.com/2023/12/25/und…

Understanding Kubernetes RBAC: Safeguarding Your Cluster - Blog NivelEpsilon

Role-Based Access Control (RBAC) stands as a cornerstone for securing and managing access within the Kubernetes ecosystem. Think of Kubernetes as a bustling city, with myriad services, pods, and...

From nivelepsilon.com

TechDemocracy @techdemocracy · Mar 5

Replying to @techdemocracy

Learn how organizations can strengthen identity governance in Kubernetes environments: techdemocracy.com/resources/non-… #IdentitySecurity #KubernetesSecurity #ZeroTrust #CloudSecurity #Cybersecurity

Non-Human Identities in Kubernetes | Zero-Trust Strategy

Discover how a zero-trust strategy can secure non-human identities in Kubernetes. Protect sensitive data with prevention, detection, and recovery. Know more!

From techdemocracy.com

Kubegrade @kubegrade · Feb 26

Agentless security continues to gain traction in cloud-native environments. ExtraHop’s latest SOC enhancement highlights how network visibility is evolving alongside Kubernetes and modern cluster defense strategies. Discover more: securitybrief.co.nz/story/extrahop… #KubernetesSecurity

Uptycs - CNAPP for Hybrid Cloud Security @uptycs · Feb 25

#Kubernetes risk often hides in configuration, not alerts. Exposed dashboards, over-permissive service accounts, and unrestricted ingress can quietly expand blast radius. Uptycs helps teams surface & prioritize these risks early. hubs.ly/Q0448QPP0 #KubernetesSecurity #K8s

PulsePatch.io @pulsepatchio · Feb 22

A trust evaluation vulnerability (CVE-2026-27134) in `Strimzi Kafka Operator` allows unintended CAs in a custom chain to be trusted for mTLS user auth. Users should update. #Strimzi #Kafka #KubernetesSecurity pulsepatch.io/posts/cve-2026…