SaltStack CVE-2020-11651 and CVE-2020-11652 Attack
May 5, 7:00PM PST:
If you are reading this for the first time now, you will now need to nuke and destroy any system paired (e.g. minions) to an exploitable salt master. You should also create a new salt master. I recommend creating a backup first for forensics, but do not plan on ever reusing these systems. Information on how to tell if you could be affected is available below.