Security

4 posts

CVE-2025-54313: Prettier Config Package Hijacked
A high-severity CVE exposed eslint-config-prettier to a supply chain attack via a phishing compromise. Learn what happened, who’s affected, and how to fix it.
Abhimanyu Saharan
Jul 29, 2025
- Security
A Persistent Security Hole in Kubernetes Finally Addressed
CVE-2025-1767 exposes root-level access on nodes via a deprecated volume plugin; Kubernetes 1.33 will disable it by default
Abhimanyu Saharan
Jun 23, 2025
- Kubernetes v1.33
- Security
- Kubernetes
CVE-2025-0426: Unauthenticated Kubelet Checkpoint API Could Lead to Node DoS
A critical kubelet bug exposes a DoS risk via the unauthenticated /checkpoint API. Learn how to detect, mitigate, and patch CVE-2025-0426.
Abhimanyu Saharan
May 23, 2025
- Security
- Kubernetes
Ingress-nginx CVE-2025-1974: What It Is and How to Fix It
CVE-2025-1974 (IngressNightmare) is a critical RCE flaw in ingress-nginx affecting 40%+ of clusters. Learn how to detect and patch it.
Abhimanyu Saharan
Mar 25, 2025
- Security
- Kubernetes

Loading…