Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8561 | Datadog Security Labs This article explains CVE-2020-8561, an unpatchable Kubernetes vulnerability that combines an SSRF vector via ValidatingWebhookConfiguration objects with the API server's profiling endpoints to escalate impact by exposing full responses. The exploit requires valid cluster credentials (typically cluster-admin) to change the API server log level and then trigger webhook-initiated requests to probe internal services. #CVE-2020-8561 #kube-apiserver

CVE-2020-8561 exploits an SSRF flaw in Kubernetes API server’s ValidatingWebhookConfiguration and profiling endpoints to expose full responses. Requires cluster-admin creds to escalate impact. #KubernetesSecurity #SSRF #CVE20208561

TeamPCP Backdoors LiteLLM via Trivy
Read More: buff.ly/9DwmFvk

#TeamPCP #LiteLLM #Trivy #PyPI #SupplyChainSecurity #KubernetesSecurity #CredentialTheft #DevSecOps

#Kubernetes #K8s #DevOps #CloudNative #CKS #DevSecOps #ContainerSecurity #KubernetesSecurity #CNCF #OpenSource #LinuxFoundation #TechCommunity

TeamPCP Worm Abuses Cloud To Build Botnets
Read More: buff.ly/rqd3TQN

#TeamPCP #CloudBotnet #React2Shell #DockerSecurity #KubernetesSecurity #CloudExploitation #CryptoMiningMalware #ThreatResearch

🔓 La función de telemetría de Kubernetes compromete completamente los clústeres

Una nueva vulnerabilidad crítica se suma a los problemas de los administradores.

thenewstack.io/kubernetes-telemetry-fea...

#KubernetesSecurity #Telemetry #DevSecOps #RoxsRoss

VoidLink Linux Malware Targets Cloud Systems
Read More: buff.ly/4few38e

#VoidLink #LinuxMalware #CloudSecurity #KubernetesSecurity #ContainerSecurity #CloudNativeSecurity #SupplyChainSecurity #DevSecOps #ThreatIntel #CheckpointResearch

VoidLink Malware Targets Linux Clouds
Read More: buff.ly/Zy0YCOa

#VoidLink #LinuxMalware #CloudSecurity #KubernetesSecurity #ContainerSecurity #CloudNativeThreats #EDR #LinuxInfosec #ThreatResearch #AdvancedMalware

Breaking Boundaries - Kubernetes Namespaces and multi-tenancy AmberWolf Security Research Blog

Breaking Boundaries - Kubernetes Namespaces and multi-tenacy blog.amberwolf.com/blog/2025/se... #cloudsecurity #kubernetessecurity

👉 Mitigation: enable and configure OwnerReferencesPermissionEnforcement admission controllers.
👉 Fix: update kube-apiserver to 1.31.12, 1.32.8, or 1.33.4.

#KubernetesSecurity #InfoSec #DevSecOps

🧵 2/2

Kubernetes 1.34: Top Security Features & Enhancements - ARMO Improve your cloud security with the latest upgrades in Kubernetes 1.34, from mutual TLS and token hardening to CEL-based admission policies

Kubernetes 1.34 security features www.armosec.io/blog/kuberne... #KubernetesSecurity #CloudSecurity

Kubescape Operator & SaaS Watch on the Rawkode Academy

🚀 Check out this insightful video on Kubescape Operator & SaaS! Learn how to deploy Kubescape and leverage the SaaS GUI for enhanced Kubernetes security. Thanks to @rawkode.dev for sharing this valuable content! #KubernetesSecurity

Critical Kubernetes Security Update: CVE-2025-22872 Patch Guide for SUSE Systems Blog com notícias sobre, Linux, Android, Segurança , etc

🚨 New #Kubernetes security alert! CVE-2025-22872 (CVSS 6.5) patches released for @SUSE distributions. Read more: 👉 tinyurl.com/yc7ja7b6 #KubernetesSecurity #DevOps

Inside Job: Defending Kubernetes Clusters Against Network
Misconfigurations
Jacopo Bufalino, Jose Luis Martin-Navarro et al.
Paper
Details
#KubernetesSecurity #NetworkMisconfigDefense #DevSecOpsPractices

Amazon GuardDuty expands Extended Threat Detection coverage to Amazon EKS clusters | Amazon Web Services Expanded Amazon GuardDuty Extended Threat Detection for EKS clusters uses proprietary correlation algorithms to identify sophisticated multi-stage attack sequences across Kubernetes audit logs, container...

📰🚨Amazon GuardDuty expands Extended Threat Detection coverage to Amazon EKS clusters by Esra Kayabali

#AmazonGuardDuty #KubernetesSecurity #ThreatDetection #CloudSecurity #AWService

Let's level up our EKS security game! Join our hands-on webinar on "Shift Right Security for EKS" with Bion Consulting and Anchore. Learn practical techniques to identify a... get.anchore.com/shift-right-security-for... #EKS #KubernetesSecurity #DevSecOps #Anchore #SecurityWebinar

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication Five critical flaws in Ingress NGINX Controller expose 6,500+ clusters; update now to prevent unauthorized remote code execution.

Critical vulnerability alert! 6,500+ Kubernetes clusters at risk due to Ingress NGINX Controller flaws. Update ASAP to prevent cluster takeover & unauthorized code execution thehackernews.com/2025/03/crit... #IngressNightmare #KubernetesSecurity

Server Racks

Ingress Nightmare is REAL (and it’s Messy)
www.polyplugins.com/ingress-nigh...
#cloudsecurity #cve2025 #ingresscontroller #kubernetessecurity #nginx

Good mix of some lightweight and more tricky questions, but an extra good thing is that I got lots of ideas for blog posts while preparing for this exam 😁

A blog post with KCSA preparation material to follow of course - stay tuned! 😉

#KubernetesSecurity #DevSecOps #K8s

Learn how #KubeArmor leverages Linux Security Modules (LSMs) like AppArmor, SELinux, and BPF-LSM to secure your cluster, enforce policies, and provide deep observability.

#kubernetes #cloudsecurity #runtimesecurity #kubernetessecurity #k8s #platformengineering

youtube.com/shorts/vhLC_...

DDoS Attack on Kubernetes: What’s the Best Solutions – 2024 Explore powerful strategies to mitigate DDoS attack on Kubernetes. Elevate your security posture with expert insights and robust defence mechanisms in your Ap.

Kubernetes is a popular choice for running containerized applications. However, its popularity also makes it a target for malicious actors. The Distributed Denial-of-Service (DDoS) attack is among the most common attacks in the Kubernetes environment.
#DDoSAttack #KubernetesSecurity #TechSolutions

Best Kubernetes Security Tools: How to Choose! – 2024 Discover the top Kubernetes security tools to fortify your containerized applications. Learn how to choose the Kubernetes security tools for robust optimization

Kubernetes has really transformed how we deploy and manage applications. However, with this power, security becomes a big responsibility.


Please follow my LinkedIn page to get more updates: https://lnkd.in/eG63ACWN
#KubernetesSecurity #CloudSecurity #CyberSecurity #KubernetesTools #TechBlog

Meistere Kubernetes mit Cilium: Traffic Filterung auf L7 Basis Erfahre, wie Du Kubernetes-Netzwerke mit Cilium verstärken kannst. Sichere Dienste, beschränke den Zugriff und verbessere die Clustersicherheit für den L7-Datenverkehr.

Need a solution for your #kubernetes service security? Learn how you empower #L7 traffic control with #Cilium!
#L7Traffic #k8s #ITTutorial #opensource #KubernetesCluster #Cilium #CNI #KubernetesSecurity

bit.ly/3tA8PIm