Researchers at Aqua Security have discovered a dangerous exposure of sensitive Kubernetes secrets. This poses a supply chain attack threat to hundreds of organizations and open-source projects. The researchers found encoded Kubernetes configuration secrets in public repositories, including those of SAP and two top blockchain companies. These secrets are vulnerable to attacks because they are often stored unencrypted. Aqua Security called attention to the severity of the issue, which affects both individuals and large organizations. The exposure of these secrets can lead to data breaches, supply chain attacks, and compromises in organizations' security. The Aqua team found that practitioners often neglect to remove secrets from files they commit to public repositories, leaving sensitive information exposed. #Kubernetes #Cybersecurity #SupplyChainAttack

https://www.securityweek.com/researchers-discover-dangerous-exposure-of-sensitive-kubernetes-secrets/