29 matches found
SPARK: Secure Predictive Autoscaling for Robust Kubernetes
Achieving high availability and robust security in Kubernetes requires more than reactive scaling and standard perimeter firewalls. Traditional autoscalers, such as HPA, often fail to react quickly to traffic spikes and cannot distinguish between legitimate flash crowds and DDoS attacks. We prese...
aws-manager (>=0.0.18 <=0.19.8), ec2-search (>=0.14.0 <=0.14.1) potentially affected by unknown CVE via aws-sdk-autoscaling (>=0.18.0 <=0.9.0)
aws-sdk-autoscaling CARGO version =0.18.0, =0.0.18, =0.14.0, =0.14.1 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...
CVE-2025-68476 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential
KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The...
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon's GuardDuty managed threat detection service and its automated security...
SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2025:02423-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02423-2 advisory. - CVE-2021-25743: Escape terminal special characters in kubectl output (bsc#1194400). - CVE-2023-2431: Prevent pods to bypass the...
tutor-android (=17.0.0), tutor-cairn (>=17.0.0 <=17.1.0) +18 more potentially affected by CVE-2025-65681 via tutor (=17.0.6)
tutor PYPI version =17.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on tutor and may be impacted: - tutor-android =17.0.0 - tutor-cairn =17.0.0, =17.0.0, =16.0.3, =17.0.0, =17.0.0, =17.0.0, =17.0.0, =17.0.0, =17.0.0, =17.4.2 - tutor-jupyter =17.0.0...
Moderate: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.17.2-1 Update
Custom Metrics Autoscaler Operator for Red Hat OpenShift updates. The following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available: custom-metrics-autoscaler-adapter-container custom-metrics-autoscaler-admission-webhooks-container...
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues: CVE-2021-25743: Escape terminal special characters in kubectl output (bsc#1194400). CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement (bsc#1212493). CVE-2024-0793: Advance autoscaling v2 as the preferred API version...
SUSE-SU-2025:02423-2 Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues: - CVE-2021-25743: Escape terminal special characters in kubectl output (bsc#1194400). - CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement (bsc#1212493). - CVE-2024-0793: Advance autoscaling v2 as the preferred API version...
SUSE-SU-2025:02423-1 Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues: - CVE-2021-25743: Escape terminal special characters in kubectl output (bsc#1194400). - CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement (bsc#1212493). - CVE-2024-0793: Advance autoscaling v2 as the preferred API version...
Scaling Spin Apps With KEDA
Scale Spin apps on Kubernetes using SpinKube and KEDA for event-driven autoscaling based on Amazon SQS queue metrics...
GitLab: Arbitrary escape sequence injection in docker-machine from worker nodes
Vulnerability description not provided...
GO-2022-1148 Resource exhaustion in github.com/libp2p/go-libp2p
go-libp2p is vulnerable to targeted resource exhaustion attacks. These attacks target libp2p's connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory ultimately leading to the process getting killed by the host's operating system. While a...
GHSA-J7QP-MFXF-8XJW libp2p DoS vulnerability from lack of resource management
Impact: Versions older than v0.18.0 of go-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed ...
Wallarm extends AWS API security with the official Terraform module
Wallarm API Security solution is now available in AWS as an official Terraform module, with a full feature set including autoscaling groups, API Gateway connector, mirroring, and agentless out-of-band deployments. To address modern cloud-native threats, API security vendor Wallarm released extend...
Malicious code in jenkins-autoscaling (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 407c23d17ae0216f76ee0044742748367bae6ab0464be5803730cd48a9b318d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4013 Malicious code in jenkins-autoscaling (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 407c23d17ae0216f76ee0044742748367bae6ab0464be5803730cd48a9b318d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Serverless at the Edge: Enabling Magical Unicorns
Before we dive straight into the magical unicorn from heaven that is serverless computing embedded within the CDN edge (a direct customer quote that I want on a team T-shirt soon), let's first level-set on some basic concepts of computing. In the context of web experiences, IoT device messaging, an...