bolha.us is one of the many independent Mastodon servers you can use to participate in the fediverse.
#ingressnightmare

anchore<p>👨‍💻 When the next <a href="https://mstdn.business/tags/IngressNightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IngressNightmare</span></a> happens, will you be ready? Join our <a href="https://mstdn.business/tags/webinar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webinar</span></a> to learn how to implement runtime <a href="https://mstdn.business/tags/SBOM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBOM</span></a> inventory for immediate zero-day vulnerability assessment. Technical demo included. <a href="https://get.anchore.com/rapid-incident-response-with-sboms/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">get.anchore.com/rapid-incident</span><span class="invisible">-response-with-sboms/</span></a> <a href="https://mstdn.business/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ZeroDay</span></a> <a href="https://mstdn.business/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevSecOps</span></a></p>
Kubewarden<p>Discover how Kubewarden can protect you from the critical <a href="https://hachyderm.io/tags/IngressNightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IngressNightmare</span></a> vulnerability (CVE-2025-1974): <a href="https://www.kubewarden.io/blog/2025/04/ingress-nginx-cve-2025-1974/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">kubewarden.io/blog/2025/04/ing</span><span class="invisible">ress-nginx-cve-2025-1974/</span></a></p>
:mastodon: decio<p>[related]<br>⬇️ <br><em>4,500 clusters still exposed to potential pre-auth RCE and working exploit available</em><br>👇 <br><a href="https://www.thestack.technology/the-one-with-ross-and-the-horrifying-kubernetes-vulnerability/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">thestack.technology/the-one-wi</span><span class="invisible">th-ross-and-the-horrifying-kubernetes-vulnerability/</span></a></p><p>[PoC]<br>⬇️ <br>"Exploit for Ingress NGINX - IngressNightmare"<br>👇 <br><a href="https://github.com/hakaioffsec/IngressNightmare-PoC" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/hakaioffsec/Ingress</span><span class="invisible">Nightmare-PoC</span></a></p><p><a href="https://infosec.exchange/tags/CyberVeille" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberVeille</span></a><br><a href="https://infosec.exchange/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kubernetes</span></a> <br><a href="https://infosec.exchange/tags/IngressNightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IngressNightmare</span></a> <br><a href="https://infosec.exchange/tags/CVE_2025_1974" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_1974</span></a></p>
Ravi Nayyar<p>'... series of unauthenticated ... [RCE] vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed <a href="https://infosec.exchange/tags/IngressNightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IngressNightmare</span></a> ...</p><p>'... about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering over 6,500 clusters, including Fortune 500 companies, that publicly expose vulnerable Kubernetes ingress controllers’ admission controllers to the public internet ...</p><p>'Using Ingress-NGINX is one of the most common methods for exposing Kubernetes applications externally. </p><p>'Our research show that over 41% of internet-facing clusters are running Ingress-NGINX'.<br><a href="https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wiz.io/blog/ingress-nginx-kube</span><span class="invisible">rnetes-vulnerabilities</span></a></p>
IT News<p>This Week in Security: IngressNightmare, NextJS, and Leaking DNA - This week, researchers from Wiz Research released a series of vulnerabilities in t... - <a href="https://hackaday.com/2025/03/28/this-week-in-security-ingressnightmare-nextjs-and-leaking-dna/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/03/28/this-w</span><span class="invisible">eek-in-security-ingressnightmare-nextjs-and-leaking-dna/</span></a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>thisweekinsecurity</span></a> <a href="https://schleuss.online/tags/ingressnightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ingressnightmare</span></a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackadaycolumns</span></a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityhacks</span></a> <a href="https://schleuss.online/tags/23andme" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>23andme</span></a> <a href="https://schleuss.online/tags/nextjs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nextjs</span></a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Victor Pierre<p>A well written article explaining the <a href="https://hachyderm.io/tags/IngressNightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IngressNightmare</span></a> vulnerability</p><p><a href="https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wiz.io/blog/ingress-nginx-kube</span><span class="invisible">rnetes-vulnerabilities</span></a></p>
maikthulhu<p>ooooo 👀 <a href="https://github.com/hakaioffsec/IngressNightmare-PoC" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/hakaioffsec/Ingress</span><span class="invisible">Nightmare-PoC</span></a></p><p><a href="https://infosec.exchange/tags/ingressnightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ingressnightmare</span></a></p>
Sam Stepanyan :verified: 🐘<p><a href="https://infosec.exchange/tags/NGINX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGINX</span></a> Critical Ingress NGINX Controller for <a href="https://infosec.exchange/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kubernetes</span></a> Vulnerability Allows <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RCE</span></a> Without Authentication. A set of 5 critical security CVEs with CVSS scores 4.8-9.8 affecting ~43% of cloud environments globally:</p><p><a href="https://infosec.exchange/tags/IngressNightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IngressNightmare</span></a></p><p><a href="https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/03/crit</span><span class="invisible">ical-ingress-nginx-controller.html</span></a></p>
winnie, the disassembling bear<p>Multiple CVEs tied to admission controller component of Ingress NGINX Controller. In a nutshell the problem is:</p><p>"[...] a vulnerability in this phase that allows injecting an arbitrary NGINX configuration remotely, by sending a malicious ingress object directly to the admission controller through the network."</p><p>"[...]Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover.[...]"</p><p>writeup: <a href="https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wiz.io/blog/ingress-nginx-kube</span><span class="invisible">rnetes-vulnerabilities</span></a></p><p>Mitigation:</p><p>Patch or ... "Ensure the admission webhook endpoint is not exposed externally"</p><p>Nuclei Template for detection of admission controller: <a href="https://gist.github.com/nirohfeld/7a7c82c62321de9c2ef95d266b241fcb" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gist.github.com/nirohfeld/7a7c</span><span class="invisible">82c62321de9c2ef95d266b241fcb</span></a></p><p><a href="https://social.linux.pizza/tags/ingressnightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ingressnightmare</span></a></p>
:mastodon: decio<p>⚠️ Kubernetes security alert: <a href="https://infosec.exchange/tags/IngressNightmare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IngressNightmare</span></a></p><p>On 24 March 2025, the Wiz research team and the Kubernetes maintainers disclosed 5 major vulnerabilities affecting the very popular Ingress-NGINX Controller (present on 40%+ of clusters).</p><p>These flaws, the most serious of which is CVE-2025-1974 (CVSS 9.8), allow an attacker without credentials to execute code remotely (Remote Code Execution) and take complete control of the Kubernetes cluster, by accessing all secrets (passwords, API keys, etc.).</p><p>What is at fault:<br>The vulnerable component is the Validating Admission Controller of Ingress-NGINX. It validates "Ingress" objects but is, by default, accessible without authentication from the cluster's internal network, and sometimes even exposed publicly.</p><p>The researchers managed to inject malicious NGINX configurations, then to execute code by loading libraries from temporary files via NGINX. A truly invisible front door.</p><p>✅ What you need to do quickly:<br>Check whether you are using ingress-nginx:</p><blockquote><p>kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx </p></blockquote><p>Update to a fixed version:</p><p>v1.12.1 or v1.11.5</p><p>If you cannot update right away:</p><p>Temporarily disable the admission webhook (see the official instructions).</p><p>[Official sources]<br>⬇️ <br>Wiz research blog:<br>"IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX"<br>👇 <br><a href="https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wiz.io/blog/ingress-nginx-kube</span><span class="invisible">rnetes-vulnerabilities</span></a></p><p>📢 Kubernetes announcement (Security Response Committee):<br>"Ingress-nginx CVE-2025-1974: What You Need to Know"<br>👇 <br><a href="https://kubernetes.io/blog/2025/03/24/ingress-nginx-cve-2025-1974/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">kubernetes.io/blog/2025/03/24/</span><span class="invisible">ingress-nginx-cve-2025-1974/</span></a></p><p><a href="https://infosec.exchange/tags/CyberVeille" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberVeille</span></a> <a href="https://infosec.exchange/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kubernetes</span></a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevSecOps</span></a> <a href="https://infosec.exchange/tags/CVE_2025_1974" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_1974</span></a> <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RCE</span></a></p>
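Added example, not part of decio's post or of any linked project: a POSIX shell check that carries the post's first two steps through, listing ingress-nginx controller pods and classifying each image tag against the fixed releases the post names (v1.12.1 and v1.11.5). The function names, the `jsonpath` output layout, the upstream image name `controller` and the sample lines are assumptions made here; treating release lines after 1.12 as fixed is also an assumption.

```shell
# Added example. Input lines are "namespace/pod image", for instance from:
#   kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx \
#     -o jsonpath='{range .items[*]}{.metadata.namespace}/{.metadata.name} {.spec.containers[0].image}{"\n"}{end}'

# image_tag IMAGE -> tag of "registry[:port]/path/name:tag[@sha256:...]", empty if untagged
image_tag() {
    ref=${1%%@*}                      # drop a pinned digest
    name=${ref##*/}                   # last path component; ignores a registry port
    case "$name" in *:*) echo "${name##*:}" ;; *) echo "" ;; esac
}

# classify_version TAG -> "fixed" (>= 1.12.1, or 1.11.x with x >= 5), "update" or "unknown"
classify_version() {
    v=${1#v}
    case "$v" in *.*.*) ;; *) echo unknown; return 0 ;; esac
    major=${v%%.*}; rest=${v#*.}
    minor=${rest%%.*}; patch=${rest#*.}
    patch=${patch%%[!0-9]*}           # drop suffixes such as "-beta.0"
    for n in "$major" "$minor" "$patch"; do
        case "$n" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    done
    status=update
    [ "$major" -eq 1 ] && [ "$minor" -eq 11 ] && [ "$patch" -ge 5 ] && status=fixed
    [ "$major" -eq 1 ] && [ "$minor" -eq 12 ] && [ "$patch" -ge 1 ] && status=fixed
    # assumption: release lines after 1.12 carry the fix
    { [ "$major" -gt 1 ] || { [ "$major" -eq 1 ] && [ "$minor" -gt 12 ]; }; } && status=fixed
    echo "$status"
}

# audit_images: stdin -> "pod tag status"; helper pods matched by the selector are skipped
audit_images() {
    while read -r pod image extra; do
        case "$image" in */controller:*|*/controller@*) ;; *) continue ;; esac
        tag=$(image_tag "$image")
        echo "$pod ${tag:-untagged} $(classify_version "$tag")"
    done
}

# Constructed sample input (not real cluster output).
sample_pods() {
    cat <<'EOF'
ingress-nginx/ctrl-a registry.k8s.io/ingress-nginx/controller:v1.12.0
ingress-nginx/ctrl-b registry.k8s.io/ingress-nginx/controller:v1.11.5@sha256:CONSTRUCTED
edge/ctrl-c registry.example.internal:5000/ingress-nginx/controller:v1.10.1
edge/admission-create registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2
EOF
}

sample_pods | audit_images
```

A tag of `unknown` (for example `latest`, or an image pinned only by digest) means the version has to be confirmed another way before the pod is considered patched.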