Kubernetes Cluster RCE Vulnerability Let Attacker Takeover All Windows Nodes

A critical vulnerability in Kubernetes, designated as CVE-2024-9042, has been discovered, enabling attackers to execute remote code with SYSTEM privileges on all Windows nodes within a Kubernetes cluster. This vulnerability, identified by Akamai security researcher Tomer Peled, specifically affects the…

Open WebUI Vulnerability via File Upload Leads to 1-Click RCE Attack

itsecuritynews.info - 12/May 18:02

A single click can allow attackers to exploit a critical, unpatched flaw in Open WebUI to seize control of AI workspaces, execute remote code, hijack...

Argo CD ServerSideDiff Flaw Allows Attackers to Extract Kubernetes Secrets

itsecuritynews.info - 06/May 09:13

A critical vulnerability has been identified in Argo CD that could allow attackers with minimal privileges to extract highly sensitive Kubernetes...

Argo CD ServerSideDiff Flaw Allows Attackers to Extract Kubernetes Secrets

itsecuritynews.info - 06/May 09:13

A critical vulnerability has been identified in Argo CD that could allow attackers with minimal privileges to extract highly sensitive Kubernetes...

Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks

itsecuritynews.info - 18/May 04:32

A critical remote code execution (RCE) vulnerability has been discovered in Anthropic’s Claude Code CLI tool, allowing attackers to execute...

Claude Code Vulnerability Allows Attackers to Run Commands Through Crafted Deeplinks

itsecuritynews.info - 18/May 05:02

A recently disclosed flaw in Claude Code allowed attackers to execute arbitrary system commands using a single crafted deeplink URL, turning a...

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

securityaffairs.co - 18/May 08:13

MiniPlasma: a Windows SYSTEM privilege escalation believed patched in 2020 (CVE-2020-17103) is still fully working on every patched Windows 11. Once...

Critical Weaver E-cology RCE Vulnerability Actively Exploited in Attacks

itsecuritynews.info - 05/May 17:09

A critical unauthenticated remote code execution vulnerability in the Weaver E-cology platform is currently being actively exploited in the wild....

Critical Weaver E-cology RCE Vulnerability Actively Exploited in Attacks

itsecuritynews.info - 05/May 17:09

A critical unauthenticated remote code execution vulnerability in the Weaver E-cology platform is currently being actively exploited in the wild....

CVE-2025-68670: discovering an RCE vulnerability in xrdp

itsecuritynews.info - 08/May 08:32

During a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth RCE in the xrdp server component. Project...

New Windows ‘MiniPlasma’ Zero-Day Let Attackers Gain SYSTEM Access – PoC Released

itsecuritynews.info - 18/May 07:33

A critical Windows privilege escalation zero-day vulnerability dubbed “MiniPlasma” has emerged with a public proof-of-concept exploit that allows...

Rubriques :

Kubernetes Cluster RCE Vulnerability Let Attacker Takeover All Windows Nodes

Articles similaires

Open WebUI Vulnerability via File Upload Leads to 1-Click RCE Attack

Argo CD ServerSideDiff Flaw Allows Attackers to Extract Kubernetes Secrets

Argo CD ServerSideDiff Flaw Allows Attackers to Extract Kubernetes Secrets

Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks

Claude Code Vulnerability Allows Attackers to Run Commands Through Crafted Deeplinks

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

Critical Weaver E-cology RCE Vulnerability Actively Exploited in Attacks

Critical Weaver E-cology RCE Vulnerability Actively Exploited in Attacks

CVE-2025-68670: discovering an RCE vulnerability in xrdp

New Windows ‘MiniPlasma’ Zero-Day Let Attackers Gain SYSTEM Access – PoC Released

Les derniers communiqués