tldr - powered by Generative AI
Hackers are exploiting critical vulnerabilities in OpenMetadata to mine cryptocurrency on Kubernetes, highlighting the importance of strong authentication methods and staying compliant with fully patched workloads in containerized environments.
- Threat actors are actively exploiting vulnerabilities in OpenMetadata for cryptocurrency mining.
- The vulnerabilities allow for authentication bypass and remote code execution.
- Attackers deploy crypto-mining malware and establish command-and-control communications.
- Users are advised to use strong authentication methods, avoid default credentials, and update to the latest version of OpenMetadata.
- Publicly accessible Redis servers are also being targeted for post-exploitation with Metasploit payloads.
Tags:
OpenMetadata
cryptocurrency
Kubernetes
vulnerabilities