#security (2022-03)
Archive: https://archive.sweetops.com/security/
2022-03-17
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
Zachary Loeber
New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers![attachment image](https://thehackernews.com/new-images/img/a/AVvXsEgq_gLSvfXm8qlAZRK_vTTc6_bLiznrZuXtNC2bJFIPFLtThL9PyI97t-gCafataW96ItA8Sq7lNY6eI1DMNrRqWMotA5q-rmDmw3EyZeeiMDrt9xlcNH3MfLcAZlAe3eZDBwJdV-dxK-QEb7IguGpz-IDY--CBzugM8yqCOax6dQSs29xWTYvbYG3f=s728-e1000)
A new vulnerability in the CRI-O engine allows attackers to escape Kubernetes containers and gain root access.
2022-03-19
![Jim Park avatar](https://secure.gravatar.com/avatar/e166c478c5b78e93a5fb116d92a2dc7e.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
Jim Park
https://arstechnica.com/information-technology/2022/03/sabotage-code-added-to-popular-npm-package-wiped-files-in-russia-and-belarus/ TL;DR: open source developer releases protestware in popular node library that wipes computers with russian / belarusian ips.
Sabotage: Code added to popular NPM package wiped files in Russia and Belarus![attachment image](https://cdn.arstechnica.net/wp-content/uploads/2022/03/delete-erase-wipe-760x380.jpeg)
![attachment image](https://cdn.arstechnica.net/wp-content/uploads/2022/03/delete-erase-wipe-760x380.jpeg)
When code with millions of downloads nukes user files, bad things can happen.
2022-03-21
![jaydhulia avatar](https://avatars.slack-edge.com/2021-07-29/2313347024695_8e1557ed1b24f0e751d5_72.png)
jaydhulia
![attachment image](https://pbs.twimg.com/media/FObGSr8VIAcOyh2.jpg)
Oh man, if this it what it looks (Okta got popped)… Blue Team everywhere is gonna be crazy busy. https://pbs.twimg.com/media/FObGSr8VIAcOyh2.jpg
2022-03-26
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Erik Osterman (Cloud Posse)
Google Issues Emergency Security Warning For 3.2 Billion Chrome Users—Attacks Underway![attachment image](https://imageio.forbes.com/specials-images/imageserve/61b865fd77a7270e1c0d569a/0x0.jpg?format=jpg&width=1200)
![attachment image](https://imageio.forbes.com/specials-images/imageserve/61b865fd77a7270e1c0d569a/0x0.jpg?format=jpg&width=1200)
Google confirms an emergency Chrome update as attackers strike