Critical Vulnerability in Data Centre Configuration Tool Gives “Full Remote Command Execution as Root" April 30, 2020 https://www.cbronline.com/cybersecurity/threats/salt-vulnerability-f-secure/
Hackers breach LineageOS servers via unpatched vulnerability LineageOS source code, OS builds, and signing keys were unaffected, developers said May 3, 2020 https://www.zdnet.com/article/hackers-breach-lineageos-servers-via-unpatched-vulnerability/
Ghost blogging platform servers hacked and infected with crypto-miner ...same vulnerability that allowed hackers to breach LineageOS servers hours before May 3, 2020 https://www.zdnet.com/article/ghost-blogging-platform-servers-hacked-and-infected-with-crypto-miner/
one more victim (DigiCert) Recent Salt Vulnerabilities Exploited to Hack LineageOS, Ghost, DigiCert Servers May 4, 2020 https://www.securityweek.com/recent...ploited-hack-lineageos-ghost-digicert-servers
Search provider Algolia discloses security incident due to Salt vulnerability Algolia now joins the ranks of LineageOS, Ghost, Digicert, and Xen Orchestra May 6, 2020 https://www.zdnet.com/article/searc...-security-incident-due-to-salt-vulnerability/
VMware to Patch Recent Salt Vulnerabilities in vROps May 11, 2020 https://www.securityweek.com/vmware-patch-recent-salt-vulnerabilities-vrops
Cisco discloses security breach that impacted VIRL-PE infrastructure Hackers used vulnerabilities in the SaltStack data center software to breach six Cisco servers May 28, 2020 https://www.zdnet.com/article/cisco-discloses-security-breach-that-impacted-virl-pe-infrastructure/
Cisco Announces Patches to SaltStack May 29, 2020 https://www.darkreading.com/vulnera...announces-patches-to-saltstack/d/d-id/1337954 Cisco Releases Security Updates for CML and VIRL-PE
SaltStack reveals new critical vulnerabilities, patch now November 3, 2020 https://www.bleepingcomputer.com/ne...veals-new-critical-vulnerabilities-patch-now/
Detailing SaltStack Salt Command Injection Vulnerabilities November 24, 2020 https://www.zerodayinitiative.com/b...tstack-salt-command-injection-vulnerabilities