Linux-Kernel

Every few kernel cycles, a release quietly shifts what is possible for the platforms running on top of it. Linux 7.0 is one of those releases. There is no single flashy new security module, no headline-grabbing feature, but there are several changes that collectively improve weak seams that cloud-native security teams have been working around for years. Before this release reached mainstream distributions, I spent a good hour working through the upstream changelog with GitHub Copilot, running multiple state-of-the-art models, cross-referencing commit messages, kernel documentation, and coverage from the broader community, and iterating until the picture was clear. ...

Kubernetes 1.33 was released on April 23, 2025, and, as usual, introduces a host of fixes and new features. Be sure to check out the release notes; I assure you, you won’t be disappointed! As the Team Leader of a DevSecOps group, I tend to focus on security features. In this article, I want to highlight the new pod support for user namespaces. This feature isn’t entirely new—it was first introduced as an Alpha feature (UserNamespacesSupport) in Kubernetes 1.28. However, as of version 1.33, it is enabled by default, and there’s no longer any need to set a Kubernetes feature flag. ...