all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OpenMetadata Bugs Enable Kubernetes Cryptomining Attacks

Add to bookmarks
April 18, 2024, 1:10 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Threat actors have been exploiting known vulnerabilities in open-source platform OpenMetadata in order to access Kubernetes workloads and use them for cryptomining.


The flaws (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848 and CVE-2024-28254) being targeted were previously disclosed and patched in versions of OpenMetadata prior to 1.3.1 on March 15. OpenMetadata serves as a central repository to help users manage metadata across different data sources.


Researchers with Microsoft’s threat intelligence team in a Wednesday analysis said that they have observed attackers exploiting the …

1.3.1 access attacks bugs cryptomining cve cve-2024 enable exploiting flaws known vulnerabilities kubernetes march openmetadata order platform repository threat threat actors vulnerabilities workloads

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Cyberattack against United Russia claimed by Ukraine 38 minutes ago | malware.news
attack cyberattack distributed initiative +14
US jails former NSA employee for attempting secret sale to Russia 38 minutes ago | malware.news
agency article confidential defense +25
Better identity threat detection sought by new Semperis ML-based tool 38 minutes ago | malware.news
and response article detection detection and response +27
Red Hat's latest enterprise Linux delivers new features to tackle hybrid-cloud complexity an hour ago | malware.news
addition article cloud complexity +13
NASA doesn't know if its spacecraft have adequate cyber defenses, GAO warns an hour ago | malware.news
agency article best practices cyber +11
US warns of Russian hackers targeting operational technology in water systems 2 hours ago | malware.news
advisory breached hackers official +10
Senators grill UnitedHealth CEO on Change Healthcare cyberattack 2 hours ago | malware.news
article ceo change change healthcare +13
‘Uncharted Territory:’ Companies Devise AI Security Policies 3 hours ago | malware.news
ai security businesses companies don +14
Significant drop recorded in FBI searches of Section 702 database 3 hours ago | malware.news
act agency database fbi +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs