Skip to content
Threat Feed

Vendor

Azure

1 brief RSS
high advisory

Kubernetes Pod Exec Cloud Instance Metadata Access

Detection of Kubernetes pod exec sessions accessing cloud instance metadata endpoints, indicating potential credential theft from AWS, GCP, or Azure.

AWS IMDS +2 kubernetes cloud credential_access execution
2r 2t 1i