IngressNightmare: Critical Zero-Day Kubernetes Vulnerabilities Put Thousands of Clusters at Risk (March 2025)

A set of ‘critical’ zero-day vulnerabilities, collectively named IngressNightmare, have been discovered in the widely used Ingress-NGINX Controller for Kubernetes that can result in a ‘full takeover‘ of a Kubernetes cluster! These flaws expose over 6,500 publicly exposed clusters to the risk of unauthenticated remote code execution (RCE) and privilege…

24/03/2025 Article Bloggers Chris Pietschmann

Share:

You may be interested in

Microsoft’s Vision for 2025 and Beyond: Copilot, Responsible AI, Security and Multicloud
The Microsoft Ignite 2024 conference kicks off next week and I’ve analyzed the full session list to gleam insights into the company’s strategic roadmap for 2025 and beyond. This years…
13/11/2024
Terraform: Create Azure Cosmos DB database and container
Azure Cosmos DB is a powerful, fully managed, NoSQL, globally distributed multi-model database service offered by Microsoft Azure. Azure Cosmos DB enables you to quickly create and query document databases,…
28/11/2023
Terraform Lookup Function – Usage and Examples
The Terraform lookup() function provides a powerful feature that can be used to implement more flexible and easily configurable infrastructure configurations. The lookup() function is essential for retrieving values from…
01/06/2024
How to Determine URL a Local Git Repository was Originally Cloned From
Git is a powerful version control system widely used in the software development world. When working with Git repositories, it’s essential to have a clear understanding of the repository’s origin.…
30/10/2023
GitHub Actions: Get Current Branch Name for Git Repo
How to get the current branch name in GitHub Actions can be useful for workflows that trigger off of multiple branches of a GitHub repository. The reason this can be…
04/06/2024
Fix: response_type ‘id_token’ is not enabled for the application (AADSTS700054)
When creating and configuring an Azure AD App Registration to use for authenticating a web application with Azure AD, it’s common to see the AADSTS700054: response_type 'id_token' is not enabled…
17/11/2023
Configure Scheduled Trigger in GitHub Actions using Cron expression
There are many times when scheduled triggers are very useful when configuring GitHub Actions workflows. Luckily, GitHub Actions supports the ability to configure scheduled triggers that includes support for using…
13/05/2024
IoT Security Architecture: Trust Zones and Security Boundaries
There are many aspects to architecting an Internet of Things (IoT) solution. Security is the most important aspect of any computer system, but it’s especially important with IoT solutions. It…
06/05/2024
No Copyright for AI-Generated Content? What Businesses Need to Know About the Latest US Copyright Office Rule
What’s the big deal between AI creation and copyright? Artificial Intelligence (AI) is revolutionizing the way businesses create content, from blog articles and marketing materials to art and software. However,…
05/02/2025
Major Azure Networking Outage in East US 2 Affecting VMs, App Service, and More! (Started January 8, 2025)
On January 8, 2025, Microsoft Azure started experiencing a significant networking outage in the East US 2 region. This outage has impacted a broad range of Azure services (including Azure…
10/01/2025
Analyzing IBM’s Acquisition of HashiCorp: A Game-Changer in Hybrid Cloud Management
IBM has announced its acquisition of HashiCorp Inc., a leading multi-cloud infrastructure automation company, for $6.4 billion! This acquisition is poised to revolutionize the hybrid cloud landscape, offering enterprises a…
25/04/2024
Introducing the new Azure AI Agent Service
Azure AI Agent Service is designed to revolutionize the development and deployment of these AI agents, delivering an enterprise-ready solution tailored to meet the unique needs of modern organizations. Organizations…
19/11/2024