Tag: Kubernetes
-

Quasar Linux (QLNX) Emerges to Subvert the Global Software Supply Chain
The novel Linux implant, Quasar Linux, poses a formidable threat not merely to individual workstations but to the entire software supply chain. This malicious suite targets environments dedicated to the creation, compilation, and dissemination of code; consequently, compromised credentials could precipitously escalate into wide-scale assaults against users of prominent repositories and cloud infrastructures. Researchers at…
-

CanisterWorm: The Self-Propagating npm Epidemic Turning Developers into Vectors
An attack on a single, ubiquitous tool has quietly turned into a catastrophic chain reaction that is now contaminating packages across the npm ecosystem. The malicious code does not stay confined to isolated libraries; it propagates autonomously, weaponizing the stolen access credentials of developers. This is the CanisterWorm campaign, orchestrated by…
-

The End of Insecure Pulls: Docker Open Sources Its Hardened Images Catalog
Docker has announced that its Docker Hardened Images (DHI) are now free and fully open: they can be used, distributed, and modified without restriction under the Apache 2.0 license. The idea is straightforward—to give developers a secure production-ready starting point from the very first docker pull, at a time when supply-chain attacks are escalating at…
-

Kubernetes Ingress NGINX EoL: Critical Component Deprecated Due to Lack of Funding
KubeCon in Atlanta delivered a wave of high-profile Kubernetes announcements, yet one of the most consequential developments slipped by almost unnoticed. One of the oldest and most widely deployed components — the Ingress NGINX controller — has been officially marked for deprecation. The project will reach its end of life in March 2026. After that…
-

Ingress NGINX is Retiring: Kubernetes Sunsets Controller Due to Technical Debt & Security Flaws
The Kubernetes community has resolved to retire one of the ecosystem’s most prominent projects — Ingress NGINX. Development will be gradually wound down, and by March 2026 the project will be formally laid to rest. This means the widely used controller will no longer receive updates, compelling users to seek alternatives or construct their own…
-
FreeBSD Joins the Container Club: OCI Standard Officially Adds the New Platform
The Open Container Initiative (OCI) has released an update to its OCI Runtime Specification v1.3, which defines the configuration, runtime environment, and lifecycle of operating system containers. The principal innovation in this version is the official inclusion of FreeBSD, now formally recognized within the standard alongside Linux, Solaris, Windows, VM, and z/OS. Previously, FreeBSD was…
-

Stealth Innovation: LinkPro Linux Rootkit Hides via eBPF and Activates with Magic TCP Packet on Kubernetes Nodes
Synacktiv researchers have documented a novel GNU/Linux rootkit, LinkPro, uncovered during an investigation into an AWS infrastructure compromise. The intrusion began with exploitation of a vulnerable Jenkins server, after which the threat actors deployed a malicious Docker image to Kubernetes clusters. Ultimately, the compromised hosts were seeded with a VShell backdoor and the LinkPro rootkit,…
-

CISA Unleashes Thorium: A Powerful New Platform for Automated Malware & Forensic Analysis at Scale
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced the public release of Thorium—a powerful analytical platform tailored for experts in digital forensics and malware analysis. This innovative solution, developed in collaboration with the Los Alamos and Sandia National Laboratories, is aimed at analysts across government agencies, private enterprises, and academic institutions who require…
-

KubeAPI-Inspector: Discover the secrets hidden in APIs
A tool specifically designed for Kubernetes environments aims to efficiently and automatically discover hidden vulnerable APIs within clusters. It reveals and demonstrates a common error through a workshop format, which could lead to API endpoint authentication failures and potentially compromise the entire cluster. The workshop can be deployed using Kubernetes resource YAML files. Features Implemented…
-

kube-bench: Checks Kubernetes security best practices as defined in the CIS Kubernetes Benchmark
kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Tests are configured with YAML files, making this tool easy to update as test specifications evolve. Please note: kube-bench implements the CIS Kubernetes Benchmark as closely as possible. Please raise issues here if it…
-

kubeshark: API traffic analyzer for Kubernetes
Kubeshark is an API Traffic Analyzer for Kubernetes providing real-time, protocol-level visibility into Kubernetes’ internal network, capturing and monitoring all traffic and payloads going in, out, and across containers, pods, nodes, and clusters. Think TCPDump and Wireshark re-invented for Kubernetes Network Analysis Kubeshark can sniff parts or all OSI L4 (TCP and UDP) traffic in your cluster, record it into PCAP…
-

Data at Risk: ‘Leaky Vessels’ Vulnerabilities Threaten Container Security
The company Snyk has identified four vulnerabilities in virtualization systems collectively dubbed Leaky Vessels. These flaws enable malefactors to breach the confines of isolated containers and access data on the host operating system. Containers encapsulate applications with all necessary dependencies, executables, and code for operation, running in a virtualized environment separate from the operating system.…