86 stories from 20 sources
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento f…
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Serv…
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol…
NIST Launches Centers for AI in Manufacturing and Critical Infrastructure NIST has expanded its collaboration with the nonprofit MITRE Corporation as part of its efforts to ensure U.S. leadership in artificial intellige…
CISA Announces Revised Town Hall Schedule to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure
CISA Unveils New Initiative to Fortify America’s Critical Infrastructure
The Convergence of Cloud Secrets & AI Risk SentinelOne’s latest report examines the evolving 'secrets' threatscape, showing how modern cloud and AI infrastructures are being exploited.
Explainable AI-Driven Cyber Risk Analytics and Model Reliability Assessment for Intelligent Governance of U.S. Critical Infrastructure: An XGBoost and SHAP-Based Intrusion Detection Framework arXiv:2606.05710v1 Announce…
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal cr…
Mitigate credential exposure in Windows environments with Boundary and Vault Learn why dynamic credentials are critical to infrastructure access and how Boundary and Vault integrate with Windows AD DS to secure RDP conn…
Ingress NGINX: Statement from the Kubernetes Steering and Security Response Committees In March 2026, Kubernetes will retire Ingress NGINX, a piece of critical infrastructure for about half of cloud native environments.…
Building a Sustainable Metals Infrastructure: NIST Report Highlights Key Strategies Making metals processing more sustainable and resilient will support U.S industrial innovation and competitiveness.
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks c…
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultima…
GuardNet: Ensemble Strategies of Shallow Neural Networks for Robust Prompt Injection and Jailbreak Detection arXiv:2606.05566v1 Announce Type: new Abstract: Large Language Models (LLMs) have transformed natural language…
RedKnot: Efficient Long-Context LLM Serving with Head-Aware KV Reuse and SegPagedAttention arXiv:2606.06256v1 Announce Type: new Abstract: As the input length of large language model (LLM) serving continues to grow, the…
Rethinking Infrastructure Inspection as Image Difference Classification: A Traffic Sign Case Study arXiv:2606.06375v1 Announce Type: new Abstract: Digital twins (DTs) allow the digitalization of road infrastructure insp…
ADK Arena: Evaluating Agent Development Kits via LLM-as-a-Developer arXiv:2606.05548v1 Announce Type: cross Abstract: The rapid proliferation of Agent Development Kits (ADKs), SDK-level frameworks for building LLM-power…
Data Flow Control: Data Safety Policies for AI Agents arXiv:2606.05679v1 Announce Type: cross Abstract: Agents increasingly generate SQL, orchestrate pipelines, and automate data analysis on behalf of users. While recen…
Cognitive Threat Intelligence and Explainable Federated Security Analytics for distributed Infrastructure Systems arXiv:2606.05701v1 Announce Type: cross Abstract: The increasing adoption of distributed infrastructure s…
Microskill Architecture: A Modular Skill-Driven Framework for AI-Native Code Generation arXiv:2606.05720v1 Announce Type: cross Abstract: Large language models and AI coding agents have reshaped software development, bu…
Rethinking infrastructure access in the age of agentic AI HashiCorp Boundary enables secure agentic AI at scale with unique identities, JIT credentials, explicit delegation, point-of-use enforcement, and auditable contr…
Lights Out, Systems On: Validating Instant Power Loss Readiness We’re introducing Instantaneous PowerLoss Storm, a new testing paradigm within Meta’s infrastructure for handling and mitigating instant or zero-notice pow…
HCP Terraform adds project-level run tasks HCP Terraform now supports project-level run tasks, enabling organizations to apply security, compliance, and operational guardrails consistently across groups of workspaces wh…
How we reduced core unit boot time from hours to minutes We investigated why firmware updates were causing our core servers to take four hours to reboot. By diving into UEFI data structures and iPXE automation, we elimi…
Vulnerability Disclosure in the Age of AI New article: “ Responsible Disclosure in the Age of AI: A Call for Urgent Action ,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance…
State Cyber Leaders Push Congress for More Funding, Support A recent congressional hearing highlighted how states are reeling from federal cutbacks to important cybergrants and information-sharing initiatives amid damag…
Reconciling the Past: Correcting Records for Unfixed Kubernetes CVEs The Kubernetes project relies on transparency to empower cluster administrators and security researchers. One important way we do that is by publishin…
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to ca…
Announcing etcd 3.7.0-beta.0 SIG-Etcd announces the availability of the first beta release of etcd v3.7.0 . This new version of the popular distributed database and key Kubernetes component includes the long-requested R…
Kubernetes v1.36: Mixed Version Proxy Graduates to Beta Back in Kubernetes 1.28, we introduced the Mixed Version Proxy (MVP) as an Alpha feature (under the feature gate UnknownVersionInteroperabilityProxy ) in a previou…
Kubernetes v1.36: Advancing Workload-Aware Scheduling AI/ML and batch workloads introduce unique scheduling challenges that go beyond simple Pod-by-Pod scheduling. In Kubernetes v1.35, we introduced the first tranche of…
Kubernetes v1.36: PSI Metrics for Kubernetes Graduates to GA Since its original implementation in the Linux kernel in 2018, Pressure Stall Information (PSI) has provided users with the high-fidelity signals needed to id…
A Hackers Guide to Circumventing Internet Shutdowns Internet shutdowns are devastating for human rights . When people are disconnected from the internet and digital services, it impacts all aspects of their life—from ac…
Terraform adds cost visibility, project-level notifications, and more HCP Terraform and Terraform Enterprise continue to reduce operational overhead and strengthen governance and security across the entire infrastructur…
Kubernetes v1.36: Moving Volume Group Snapshots to GA Volume group snapshots were introduced as an Alpha feature with the Kubernetes v1.27 release, moved to Beta in v1.32, and to a second Beta in v1.34. We are excited t…
Kubernetes v1.36: Server-Side Sharded List and Watch As Kubernetes clusters grow to tens of thousands of nodes, controllers that watch high-cardinality resources like Pods face a scaling wall. Every replica of a horizon…
Kubernetes v1.36: Declarative Validation Graduates to GA In Kubernetes v1.36, Declarative Validation for Kubernetes native types has reached General Availability (GA). For users, this means more reliable, predictable, a…
Introducing HCP Terraform powered by Infragraph - now in public preview Hybrid and multi-cloud estates create data silos. HCP Terraform powered by Infragraph provides a single source of truth to help optimize and secure…
Kubernetes v1.36: Pod-Level Resource Managers (Alpha) Kubernetes v1.36 introduces Pod-Level Resource Managers as an alpha feature, bringing a more flexible and powerful resource management model to performance-sensitive…
How Vault Secrets Operator (VSO) automates secret management for enterprises on Kubernetes See how HashiCorp Vault Secrets Operator (VSO) perfects secret delivery in Kubernetes or Red Hat OpenShift to enable secure auto…
Kubernetes v1.36: In-Place Vertical Scaling for Pod-Level Resources Graduates to Beta Following the graduation of Pod-Level Resources to Beta in v1.34 and the General Availability (GA) of In-Place Pod Vertical Scaling i…
EFF Submission to UN Report on the Role of Media in the Context of Israel’s Policies Toward Palestinians The UN Special Rapporteur on the situation of human rights in the Palestinian territories occupied since 1967 rece…
Kubernetes v1.36: Tiered Memory Protection with Memory QoS On behalf of SIG Node, we are pleased to announce updates to the Memory QoS feature (alpha) in Kubernetes v1.36. Memory QoS uses the cgroup v2 memory controller…
The Open Social Web Needs Section 230 to Survive If you want to overthrow Big Tech, you’ll need Section 230. The paradigm shift being built with the Open Social Web can put communities back in control of social media in…
Kubernetes v1.36: Staleness Mitigation and Observability for Controllers Staleness in Kubernetes controllers is a problem that affects many controllers, and is something may affect controller behavior in subtle ways. It…
Shutdowns, power outages, and conflict: a review of Q1 2026 Internet disruptions The first quarter of 2026 saw a surge in Internet disruptions, from nationwide shutdowns in Uganda and Iran to unprecedented drone strikes…
Kubernetes v1.36: Mutable Pod Resources for Suspended Jobs (beta) Kubernetes v1.36 promotes the ability to modify container resource requests and limits in the pod template of a suspended Job to beta. First introduced a…
Kubernetes v1.36: Fine-Grained Kubelet API Authorization Graduates to GA On behalf of Kubernetes SIG Auth and SIG Node, we are pleased to announce the graduation of fine-grained kubelet API authorization to General Avai…
Kubernetes v1.36: User Namespaces in Kubernetes are finally GA After several years of development, User Namespaces support in Kubernetes reached General Availability (GA) with the v1.36 release. This is a Linux-only fea…
SELinux Volume Label Changes goes GA (and likely implications in v1.37) If you run Kubernetes on Linux with SELinux in enforcing mode, plan ahead: a future release (anticipated to be v1.37) is expected to turn the SELin…
Capacity Efficiency at Meta: How Unified AI Agents Optimize Performance at Hyperscale We’re sharing insights into Meta’s Capacity Efficiency Program, where we’ve built an AI agent platform that helps automate finding an…
Harshita Arora Joins YC as General Partner We're thrilled to announce that Harshita Arora is joining Y Combinator as a General Partner. She brings deep fintech and infrastructure experience, a founder's instinct for pro…
Before You Migrate: Five Surprising Ingress-NGINX Behaviors You Need to Know As announced November 2025, Kubernetes will retire Ingress-NGINX in March 2026. Despite its widespread usage, Ingress-NGINX is full of surpris…
Introducing Node Readiness Controller In the standard Kubernetes model, a node’s suitability for workloads hinges on a single binary "Ready" condition. However, in modern Kubernetes environments, nodes require complex i…
New Conversion from cgroup v1 CPU Shares to v2 CPU Weight I'm excited to announce the implementation of an improved conversion formula from cgroup v1 CPU shares to cgroup v2 CPU weight. This enhancement addresses critic…
Announcing the Checkpoint/Restore Working Group The community around Kubernetes includes a number of Special Interest Groups (SIGs) and Working Groups (WGs) facilitating discussions on important topics between intereste…
Uniform API server access using clientcmd If you've ever wanted to develop a command line client for a Kubernetes API, especially if you've considered making your client usable as a kubectl plugin, you might have wonder…
Kubernetes v1.35: Restricting executables invoked by kubeconfigs via exec plugin allowList added to kuberc Did you know that kubectl can run arbitrary executables, including shell scripts, with the full privileges of th…
Kubernetes v1.35: Mutable PersistentVolume Node Affinity (alpha) The PersistentVolume node affinity API dates back to Kubernetes v1.10. It is widely used to express that volumes may not be equally accessible by all node…