Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Attackers are constantly seeking new vulnerabilities to compromise Kubernetes environments. Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity.

OpenMetadata is an open-source platform designed to manage metadata across various data sources. It serves as a central repository for metadata lineage, allowing users to discover, understand, and govern their data. On March 15, 2024, several vulnerabilities in OpenMetadata platform were published. These vulnerabilities (CVE-2024-28255 …

access attack attackers clusters compromise critical critical vulnerabilities cryptomining data data sources environments exploiting exploits kubernetes kubernetes clusters manage metadata microsoft platform uncovered vulnerabilities workloads