#kubernetes

Menlo Park, California, USA, 7th August 2025, CyberNewsWire

Red Hat OpenShift Service Mesh 3.1 has been released and is included with the Red Hat OpenShift Container Platform and Red Hat OpenShift Platform Plus. Based on the Istio, Envoy, and Kiali projects, this release updates the version of Istio to 1.26 and Kiali to 2.11, and is supported on OpenShift Container Platform 4.16 and above.This is the first minor release following Red Hat OpenShift Service Mesh 3.0, a major update to converge OpenShift Service Mesh with the community Istio project, with installation and management using the Sail operator. This change helps ensure that OpenShift Service

Menlo Park, United States, 30th July 2025, CyberNewsWire

### Summary A Denial of Service (DoS) vulnerability exists in Kyverno due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the `{{@}}` variable combined with a pipe and an invalid JMESPath function (e.g., `{{@ | non_existent_function }}`). This leads to a `nil` value being substituted into the policy structure. Subsequent processing by internal functions, specifically `getValueAsStringMap`, which expect string values, results in a panic due to a type assertion failure (`interface {} is nil, not string`). This crashes Kyverno worker threads in the admission controller (and can lead to full admission controller unavailability in Enforce mode) and causes continuous crashes of the reports controller pod, leading to service degradation or unavailability." ### Details The vulnerability lies in the `getValueAsStringMap` function within `pkg/engine/wildcards/wildcards.go` (specifically around ...

Trellix exposes SquidLoader malware targeting Hong Kong, Singapore, and Australia's financial service institutions. Learn about its advanced evasion tactics and stealthy attacks.

In enterprise Kubernetes environments, security risks often arise from overlapping administrative access. Platform engineers, infrastructure operators and developers may all touch sensitive resources, like secrets. This creates opportunities for privilege misuse or data exposure. By separating admin duties using Confidential Containers, organizations can prevent insider threads, simplify compliance, and align with zero-trust principles.Kubernetes role-based access control (RBAC) enforces access policies by defining roles and permissions for users, groups, and service accounts. It allows you to

A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

### Background The [`VOLUME`](https://docs.docker.com/reference/dockerfile/#volume) directive in Dockerfiles, or the [`config.volumes`](https://github.com/opencontainers/image-spec/blob/06e6b47e2ef69021d9f9bf2cfa5fe43a7e010c81/config.md?plain=1#L168-L170) field in OCI image descriptors, indicates filesystem paths "where the process is likely to write data". While these paths have special semantics in Docker, they are only hints in the OCI spec and are not treated specially by Kubernetes. However, containered implements the [specified conversion logic](https://github.com/opencontainers/image-spec/blob/06e6b47e2ef69021d9f9bf2cfa5fe43a7e010c81/conversion.md?plain=1#L100-L105) and adds a mount point if there is none set by Kubernetes. Unfortunately, the specification leaves it open whether the mount point is populated with any and what data, so the runtime needs to be able to push arbitrary data to the Kata agent. However, this is almost always not what the user wants: 1. A declared `VO...

### Summary A command injection vulnerability exists in the `mcp-server-kubernetes` MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to `child_process.execSync`, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (`|`, `>`, `&&`, etc.). ### Details The MCP Server exposes tools (`kubectl_scale`, `kubectl_patch` , `explain_resource`, etc) to perform several kubernetes operations. An MCP Client can be instructed to execute additional actions for example via prompt injection when asked to read pod logs. Below some example of vulnerable code and different ways to test this vulnerability including a real example of indirect prompt injection that can lead to ...

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.