Tag
#kubernetes
### Impact An Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The vulnerability stems from an incorrect or insufficient path validation when loading the Service Account Token specified in spec.hashiCorpVault.credential.serviceAccount. An attacker with permissions to create or modify a TriggerAuthentication resource can exfiltrate the content of any file from the node's filesystem (where the KEDA pod resides) by directing the file's content to a server under their control, as part of the Vault authentication request. The potential impact includes the exfiltration of sensitive system information, such as secrets, keys, or the content of files like /etc/passwd. ### Patches The problem has been patched in v2.17.3 and 2.18.3 as well as in main branch. ### Workarounds The only effective workaround is the strict restriction of permissions for creating and mo...
Learn how DevOps and DevSecOps strengthen cybersecurity through automation, CI/CD, and secure DevOps development services.
This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the next big breach could come from. From shifting infrastructures to clever social hooks, the week’s activity shows just how fluid the threat landscape has become. Here’s the full rundown of what
The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor, according to findings from Palo Alto Networks Unit 42 and NTT Security. "KSwapDoor is a professionally engineered remote access tool designed with stealth in mind," Justin Moore, senior manager of threat intel research at Palo Alto Networks Unit 42, said in a
2025 was an incredible year for network operations (NetOps) and Red Hat Ansible Automation Platform. To address growing network complexity, Red Hat provided the tools NetOps teams needed to implement a strategic automation approach. Through major platform releases, new partner integrations, and global events, Red Hat helped customers achieve enterprise-wide network automation with Ansible Automation Platform. Let’s take a look back at the major network automation milestones that defined the year.Key platform innovations In October, Ansible Automation Platform 2.6 launched, introducing new ca
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).
Scale software teams fast with development team augmentation. Learn when it works best, key models, common mistakes, and how to choose the right partner.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability by December 12, 2025, amid reports of widespread exploitation. The critical vulnerability, tracked as CVE-2025-55182 (CVSS score: 10.0), affects the React Server Components (RSC) Flight protocol. The underlying cause of the issue is an unsafe deserialization
Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code. Standard security tools often miss these threats because they look like normal activity. To stop them, you need to see exactly how these attacks happen in the real world. Next week, the Cortex Cloud team at Palo Alto Networks
Developers are accustomed to the cloud, where a virtual machine (VM) can be launched in seconds. But in many enterprises, especially in regulated industries, requesting and receiving a VM can take a staggering 60 to 90 days. This kind of delay can stifle innovation and slow down critical projects. But what if you could provide your developers with a more seamless, self-service experience that delivers a fully configured VM in under an hour, with automated lifecycle management? This isn't a far-off dream, it's a reality you can build with Red Hat's integrated toolset.3 pillars of a modern IT se