Security Updates¶
Security updates summarize Kubernetes-relevant advisories and vulnerabilities with direct remediation guidance.
| Date | Update | Summary |
|---|---|---|
| 2025-04-08 | Aqua Security Achieves FedRAMP® High Authorization | Aqua Security’s Cloud Native Application Protection Platform (CNAPP) has achieved FedRAMP® High Impact Authorization, making Aqua one of the few CNAPP providers authorized at the highest level of federal cloud security c |
| 2025-04-02 | Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks | News headlines reported that it took just 30 hours for attackers to exploit a newly discovered vulnerability in Apache Tomcat servers. |
| 2025-03-26 | IngressNightmare Advisory Briefing (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) | Cluster impact, affected ingress-nginx versions, and response checklist for IngressNightmare vulnerabilities. |
| 2025-03-16 | CVE-2025-30066 Advisory Briefing (GitHub Actions Supply Chain) | How CVE-2025-30066 impacts Kubernetes delivery pipelines and what platform teams should rotate and harden. |
| 2025-03-11 | Sobolan Malware Briefing for Notebook Workloads | Security implications of Sobolan malware campaigns against Jupyter-style workloads in Kubernetes environments. |