all InfoSec news
OpenMetadata Bugs Enable Kubernetes Cryptomining Attacks
Malware Analysis, News and Indicators - Latest topics malware.news
Threat actors have been exploiting known vulnerabilities in open-source platform OpenMetadata in order to access Kubernetes workloads and use them for cryptomining.
The flaws (CVE-2024-28255, CVE-2024-28847, CVE-2024-28253, CVE-2024-28848 and CVE-2024-28254) being targeted were previously disclosed and patched in versions of OpenMetadata prior to 1.3.1 on March 15. OpenMetadata serves as a central repository to help users manage metadata across different data sources.
Researchers with Microsoft’s threat intelligence team in a Wednesday analysis said that they have observed attackers exploiting the …
1.3.1 access attacks bugs cryptomining cve cve-2024 enable exploiting flaws known vulnerabilities kubernetes march openmetadata order platform repository threat threat actors vulnerabilities workloads