Misconfigured permissions for Argo’s web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers.