Fortune 500 at Risk: 250M Artifacts Exposed via Misconfigured Registries

Aqua Nautilus Research Blog

Nautilus focuses on cybersecurity research of the cloud native stack, missioned to uncover new vulnerabilities, threats and attacks that target containers, Kubernetes, serverless, and public cloud infrastructure.

SECURITY RESEARCH

Fortune 500 at Risk: 250M Artifacts Exposed via Misconfigured Registries

What if you were told that you had a misconfigured registry with hundreds of millions of software artifacts containing highly confidential and sensitive proprietary code and secrets exposed in your environment right now? This would be what you’d call a really bad day for security. Recently, the Aqua Nautilus research team found just that in …

SECURITY RESEARCH

First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters

We have recently discovered the first-ever evidence that attackers are exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) in the wild to create backdoors. The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack. Our research suggests that this campaign is actively targeting at least 60 clusters in the …

SECURITY RESEARCH

CorePlague: Critical Vulnerabilities in Jenkins Server Lead to RCE

Aqua Nautilus researchers have discovered a chain of critical vulnerabilities, dubbed CorePlague, in the widely used Jenkins Server and Update Center (CVE-2023-27898, CVE-2023-27905). Exploiting these vulnerabilities could allow an unauthenticated attacker to execute arbitrary code on the victim’s Jenkins server, potentially leading to a complete compromise of the Jenkins server. Furthermore, these vulnerabilities could be exploited …

SECURITY RESEARCH

HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign

Aqua Nautilus researchers discovered a new elusive and severe threat that has been infiltrating and residing on servers worldwide since early September 2021. Known as HeadCrab, this advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers. The HeadCrab botnet …

SECURITY RESEARCH

Can You Trust Your VSCode Extensions?

Aqua Nautilus researchers have recently discovered that attackers can easily impersonate popular Visual Studio Code extensions and trick unknowing developers into downloading them. In original vulnerability research, we’ve uncovered a new attack method which could act as an entry point for an attack on many organizations. We’ve also discovered that some extensions may have already …

SECURITY RESEARCH

In-depth Analysis of the PyTorch Dependency Confusion Administered Malware

Recently, a dependency of the widely used PyTorch-nightly Python package was targeted in a dependency confusion attack, resulting in thousands of individuals downloading a malicious binary that exfiltrated data through DNS. The individual responsible for this attack claimed to be a security researcher whose research had gone awry. In this blog, we will provide an …

SECURITY RESEARCH

Technical Review: A Deep Analysis of the Dirty Pipe Vulnerability

Dirty Pipe (CVE-2022-0847) proved that there is a new way to exploit Linux syscalls to write to files with a read-only privileges. The fact that someone can write to a file regardless of its permissions is a big security threat. An application of this vulnerability would be to write on the host from an unprivileged …

SECURITY RESEARCH

Aqua Nautilus Discovers Redigo — New Redis Backdoor Malware

Aqua Nautilus discovered new Go-based malware that targets Redis servers. The attack was executed against one of our deliberately vulnerable Redis honeypots (CVE-2022-0543). Our investigation revealed new undetected malware written in Golang designed to target Redis servers to allow the attacking server to dominate the compromised machine. Therefore, the malware received the name Redigo. In …

SECURITY RESEARCH

Updated Security Advisory: New OpenSSL Vulnerabilities

The OpenSSL project has pre-announced a new and critical severity vulnerability, which was downgraded to High as of today, Nov. 1, 2022. The initial pre-announcement blog has been updated here to reflect additional remediation guidance.

SECURITY RESEARCH

Text4Shell: CVE-2022-42889 in Apache Commons Text Explained

A new vulnerability in the Apache Commons Text library indicates that attackers can perform remote code execution (RCE). The media rushed to create hype around this vulnerability, comparing it to the infamous zero-day vulnerability Log4Shell, which emerged late last year and was broadly exploited by attackers. However, it’s too soon to say whether this new …

SECURITY RESEARCH

Threat Alert: Private npm Packages Disclosed via Timing Attacks

We at Aqua Nautilus have discovered that npm’s API allows threat actors to execute a timing attack that can detect whether private packages exist on the package manager. By creating a list of possible package names, threat actors can detect organizations’ scoped private packages and then masquerade public packages, tricking employees and users into downloading …

SECURITY RESEARCH

Threat Alert: New Malware in the Cloud By TeamTNT

Over the past week we observed three different attacks on our honeypots. The scripts and malware that were used bear a striking resemblance to none other than the threat actor TeamTNT. Eleven months ago they posted a farewell note on Twitter. Since then, we have only seen legacy attacks which automatically run on past infrastructure. …

Page 5 of 11‹ Prev 1 2 3 456 7 8 9 Next ›

Need to secure enterprise workloads?

Aqua Cloud Native Application Protection Platform (CNAPP)

Go cloud native with the experts!

Get Demo

Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.

Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Products

Get Started

Copyright © 2026 Aqua Security Software Ltd. Privacy Policy | Terms of Use | Cookie Policy | |