Argo CD flaw puts cloud infrastructure at risk

Read Time:30 Second

A high-risk vulnerability that could allow attackers to steal sensitive information secrets from software projects was found and fixed in Argo CD, a widely used continuous delivery platform for applications deployed via Kubernetes.

According to researchers from cloud application security Apiiro, who found and reported the vulnerability, attackers could feed a maliciously crafted Kubernetes application deployment configuration file to Argo that can expose files, environment settings and secret tokens from the central repository server. This could potentially lead to privilege escalation and further lateral movement into the organization’s cloud infrastructure.

To read this article in full, please click here

Generated by Feedzy

Cyber Security News

Deepfake Defense: Your 8-Step Shield Against Digital Deceit

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Safer AI: Four Questions Shaping Our Digital Future

UK and US expose Russian hacking plot intended to influence UK’s 2019 elections and spread disinformation

New Bluetooth Attack

ICO Warns of Fines for “Nefarious” AI Use

Geopolitics to Blame For DoS Surge in Europe, Says ENISA

Ransomware Surge is Driving UK Inflation, Says Veeam

New Report: Over 40% of Google Drive Files Contain Sensitive Info