Infosecurity-magazine.com

IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems

Kubernetes customers using the popular Ingress NGINX Controller have been urged to patch four newly discovered remote code execution (RCE) flaws assigned a CVSS score of 9.8. Dubbed “IngressNightmare” ...
Hosted on MSN

Public-facing Kubernetes clusters at risk of takeover thanks to Ingress-Nginx flaw

Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller component of Ingress-Nginx Controller that could allow the total takeover of Kubernetes clusters – and ...
CRN

‘IngressNightmare’ Vulnerabilities Are A Kubernetes Emergency: Wiz CTO

A series of ‘critical’ zero-day vulnerabilities can enable ‘full takeover’ of a Kubernetes cluster — and are ‘probably the most severe’ security issue to affect Kubernetes environments in recent years ...
Hackaday

This Week In Security: IngressNightmare, NextJS, And Leaking DNA

This week, researchers from Wiz Research released a series of vulnerabilities in the Kubernetes Ingress NGINX Controller that, when chained together, allow an unauthorized attacker to completely take ...
InfoQ

Kubernetes Community Retires Popular Ingress NGINX Controller

The Kubernetes SIG Network and the Security Response Committee has announced the retirement of Ingress NGINX, one of the most widely deployed ingress controllers in the ecosystem. Best-effort ...