Attack on Kubernetes via Misconfigured Argo Workflows
Impact Users running using the Argo Server with --auth-mode=server which is the default v3.0.0 AND have exposed their UI to the Internet may allow remote users to execute arbitrary code on their cluster, e.g. crypto-mining. Resolution Do not expose your user interface to the Internet. Change...