CSOonline

Group permission misconfiguration exposes Google Kubernetes Engine clusters

It's easy for admins to misunderstand what GKE considers authenticated users and set permissions that could allow anyone with a Google account to access their systems. Researchers warn that many ...
Dark Reading

Google Kubernetes Clusters Suffer Widespread Exposure to External Attackers

The authentication mechanism within the Google Kubernetes Engine (GKE) has a loophole that could allow an external attacker with any Google account to access organizations' private Kubernetes ...