Threat Post

Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows

Misconfigured permissions for Argo’s web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers. Kubernetes clusters are being attacked ...
Bleeping Computer

Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows

Threat actors are abusing misconfigured Argo Workflows instances to deploy cryptocurrency miners on Kubernetes (K8s) clusters. Kubernetes is an open-source system that helps to automate the deployment ...
ZDNet

Researchers find new attack vector against Kubernetes clusters via misconfigured Argo Workflows instances

Analysts with cybersecurity company Intezer have found that cybercriminals are now going after a new attack vector against Kubernetes clusters via misconfigured Argo Workflows instances. Intezer ...
Business Wire

Codefresh, the Enterprise Leader Behind Argo, Contributes Codefresh Hub For Argo, a Central Destination for Certified Argo Workflow Templates

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--In a keynote address live at the inaugural ArgoCon, Codefresh today announced a new Argo community marketplace – Codefresh Hub for Argo – devoted to helping ...
Bleeping Computer

Max severity Argo CD API flaw leaks repository credentials

An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. The flaw, tracked ...