Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production
Malware and Vulnerabilities
January 24, 2024
Orca
An external threat actor in possession of a Google account could misuse this misconfiguration by using their own Google OAuth 2.0 bearer token to seize control of the cluster for follow-on exploitation.
Read More
Google Kubernetes Engine
Misconfiguration
JWT tokens
AWS Keys
RBAC Bindings
Publisher
Previous
Global Retailer BuyGoods.com Leaks User PII, KYC data
Breaches and Incidents
Next
Water Services Giant Veolia North America Hit by Ransom ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock-648247682.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/3c52_shutterstock_192463874.jpg)
