深度解析CVE-2025-1974:Kubernetes Ingress-NGINX控制器的远程代码执行漏洞

CVE-2025-1974 是一个允许未经身份验证的攻击者在特定条件下访问Pod网络,并在 NGINX Ingress控制器 的上下文中执行任意代码的高危漏洞。该漏洞的CVSS评分高达9.8,属于“严重”级别。攻击者可以利用该漏洞注入恶意配置,进而实现远程代码执行(RCE),这可能导致敏感信息泄露,甚至完全控制Kubernetes集群。
InfoQ

Microsoft Adds Support for Pod Sandboxing to Azure Kubernetes Service

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
SDxCentral

Google Cloud gifts AI agents for Kubernetes anniversary

Google Cloud has added agentic AI capabilities for Kubernetes workloads with updates to the Google Kubernetes Engine (GKE).

Devtron’s new AI agent optimizes Kubernetes performance and cost so humans don’t have to

With today’s release, Devtron is getting a major revamp with its “Agentic SRE,” which is an artificial intelligence agent ...
Computer Weekly

Fair winds ahead, StormForge ‘bi-dimensional’ Kubernetes pod autoscaling

The latest trends in software development from the Computer Weekly Application Developer Network. StormForge is a cloud-native application performance testing and resource optimization company. The ...
Computer Weekly

Storage technology explained: Kubernetes, containers and persistent storage

Containerisation is synonymous with cloud-native application development, and Kubernetes is key among container orchestration platforms available. In this article, we look at containerisation, what ...
Tech Times

Causely Launches MCP Server for Automated Issue Resolution in Kubernetes

Causely announced the release of the new Causely MCP Server, a powerful tool designed to streamline and automate ...