SYSTEM-level command injection by way of API parameter *chef’s kiss*
A now-fixed command-injection bug in Kubernetes will be exploited by a distant attacker to realize code execution with SYSTEM privileges on all Home windows endpoints in a cluster, and thus absolutely take over these techniques, in response to Akamai researcher Tomer Peled.…