all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

Add to bookmarks
April 18, 2024, 5:54 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity.
That's according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024.
OpenMetadata is an open-source platform that operates as a

access april critical critical vulnerabilities crypto cryptocurrency cryptocurrency mining exploit exploiting flaws hackers hackers exploit intelligence kubernetes microsoft microsoft threat intelligence mine mining openmetadata platform start team threat threat actors threat intelligence unauthorized unauthorized access vulnerabilities workloads

Visit resource

More from thehackernews.com / The Hacker News

Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years 15 hours ago | thehackernews.com
attacks campaigns containers cybersecurity +10
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure 18 hours ago | thehackernews.com
address ai risks ai security artificial +16
Considerations for Operational Technology Cybersecurity 18 hours ago | thehackernews.com
change control cybersecurity devices +18
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 23 hours ago | thehackernews.com
act and telecommunications april bans +23
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 1 day, 11 hours ago | thehackernews.com
access accounts address android +20
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale 1 day, 15 hours ago | thehackernews.com
actor china cloud cloud security +22
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM 1 day, 18 hours ago | thehackernews.com
adoption attackers challenge cyber +21
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks 1 day, 18 hours ago | thehackernews.com
actor attacks code code execution +22
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover 1 day, 19 hours ago | thehackernews.com
access adversary code code execution +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs