News

CSO Online

Chaos-Mesh flaws put Kubernetes clusters at risk of full takeover

Four newly discovered vulnerabilities in the fault simulation platform can lead to OS command injection and cluster takeover, ...
Threat Post

380K Kubernetes API Servers Exposed to Public Internet

More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access. More than 380,000 Kubernetes API servers ...
InfoQ

Ambassador: Building a Control Plane for an Envoy-Powered API Gateway on Kubernetes

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
eWeek

Top 20 Kubernetes Best Practices

Kubernetes is a powerful but complex system. Here are the Kubernetes best practices to optimize your deployment. Written by eWEEK content and product recommendations are editorially independent. We ...
The Hacker News

Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover

An in-cluster attacker, i.e., a threat actor with initial access to the cluster's network, could chain CVE-2025-59359, ...
Threat Post

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS

The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit. A pair of bugs in the Kubernetes open-source cloud container software can be “highly dangerous” under ...
ZDNet

Kubernetes' first major security hole discovered

Kubernetes is a series of open source projects for automating the deployment, scaling, and management of containerized applications. Find out why the ecosystem matters, how to use it, and more. Read ...