+1 to this. I have the large and it’s incredible, but very much large. I can do a week out of it in the summer.

Oh good, another multitenanted security control being bounded by namespace labelling in Kubernetes. What could go wrong?

kubernetes.io/docs/concept..., h/t to @mccune.org.uk for pointing this out.

A 2025 look at real-world Kubernetes version adoption | Datadog Security Labs A 2025 look at real-world Kubernetes version adoption

We've got a new blog out looking at Kubernetes versions in use in real-world clusters, and it's actually quite good news from a security perspective.

securitylabs.datadoghq.com/articles/a-2...

Thought this was a reply to @rawkode.dev at first.

OWASP Kubernetes Top 10 2025 Survey Kubernetes SIG Security Docs subproject is starting an update of the OWASP Kubernetes Top 10 and as such want to canvas ideas on what should be included. The goal of the Top 10 is to provide awarenes...

You've got just over a week to contribute feedback for the new OWASP Kubernetes Top 10 docs.google.com/forms/d/e/1F... . Thanks to all the people who have taken the time to contribute already!

Kubernetes Community Days UK - Edinburgh 2025 | CNCF In-person Event - Kubernetes Community Days UK - Edinburgh 2025

Just under a week left until kcduk.io, hosted this year in beautiful Edinburgh. If you haven’t got a ticket yet, there are still some available. I can guarantee some excellent company and talks. Weather may vary, but the city’s still pretty in the drizzle.

Good luck coming up with an effective keymap for that bad boy.

This is just great.

Please enjoy today, 25/9/2025, the last square date until 2116 (5^2/3^2/45^2).

My talk at @containerdays.bsky.social this week was on Kubernetes and post exploitation. I've had a couple of requests for a companion blog post, so here it is. The post looks at some things attackers might do in clusters they've compromised to retain access.

raesene.github.io/blog/2025/09...

Cloud Native and Kubernetes Edinburgh September 2025, Wed, Sep 17, 2025, 6:00 PM | Meetup We're back after a summer break for our next meetup sponsored by none other than [Isovalent](https://isovalent.com/)! Doors opening at 6pm for food and drink thanks to the

The next Cloud Native and Kubernetes Edinburgh meetup is next week (Weds)! We have a top line-up with @thebsdbox.co.uk doing a deep dive on k8s networking and Ballie Gifford talking about their k8s journey.

Completely agreed. It’s possible to do multi-tenancy securely, as long as you’re aware of the edge cases which look safe but aren’t. Having processes, monitoring, and guardrails in place helps hugely with not opening up new attack vectors.

Unsurprisingly, I have opinions about Kubernetes, particularly when it comes to multitenancy and how easy it is to break out of common deployments. Today I wrote about them for @amberwolfsec.bsky.social

blog.amberwolf.com/blog/2025/se...

New dinosaur species is the punk rock version of an ankylosaur A species known only by a single rib turns out to be covered with meter-long spikes.

Babe wake up new punk rock dinosaur just dropped. arstechnica.com/science/2025...

A pika sits on a mossy rock.

Tighter crop of the same pika, focusing on its head.

An even tighter crop, focusing more on the pika's eye.

An extremely tight crop of the pika's eye, emphasizing their reflection of an early morning mountain scene.

"Pat, why do you carry that ridiculous 600mm lens on long hikes?"

Buddy, I can see mountains reflected in the eyes of a trailside pika.

www.stepsecurity.io/blog/supply-...

I’ve been considering making the switch from iPhone for a Pixel 10. Of course I managed to drop and smash the iPhone as soon as I’d clicked a trade in valuation.

Gutted to be missing this one!

Is your company hiring? Would I be useful to your team?

I think I'm ready to open discussions for 2026.

I still have commitments to finish over the next 6 months, but let's start talking.

I'm in no rush and looking to find the right product / team / company.

RTs appreciated

The camera can also act as temporary glasses when the real glasses were sat down somewhere safe, and then apparently vanished from existence.

How did you not just melt in the heat!?

Give a talk at KCD Edinburgh! You don’t even have to be funny (but it helps). CFP here: kcduk.io

Heck yes, this is incredible!

Some say the learning curve for Kubernetes is steep. Try the walk up Calton Hill!

Some musings on the use of the “exec” directive in a kubeconfig, and how they might be useful to a red teamer or other nasty internet person: blog.iainsmart.co.uk/posts/kubect...

If anyone at #KubeConEU hasn't ever tried a Tunocks caramel wafer, hit me up. I'm travelling prepared.

If you're into variant sudoku, the daily from Cracking the Cryptic's discord is an excellent puzzle today. sudokupad.app/9f1izfy5tg

Gutted to only be at two days of #KubeCon this year. Flying down tomorrow for a swift 36 hours in London catching up with some wonderful people. /honk remotely to everyone already there!

Does anyone who follows me happen to run a blog or similar which they spellcheck with cspell, and have a custom dictionary of container/Linux words?

Apparently the git repo I just ran it on has several hundred typos, but most of those are just "suid" or "containerd" or similar.

After CVE-2024-9042 dropped yesterday, I had a play about to see if I could reproduce the vuln. Spoiler alert, yes I could. I've just published some notes over on the @amberwolfsec.bsky.social blog

blog.amberwolf.com/blog/2025/ja...