National Security Agency and Cybersecurity and Infrastructure Security Agency have released new guidance on Kubernetes security. The guidance provides advice on securing container environments from supply chain threats, insider threats and data exfiltration risks. The agencies also warn that hackers target the open-source container-orchestration system for data theft and denial-of-service attacks. They describe risks, including: A vulnerable container or application from a third-party service provider can provide threat actors a foothold in the cluster.”]
Source: https://www.databreachtoday.com/nsa-cisa-release-guidance-on-kubernetes-security-a-17211