Rory McCune
@mccune.org.uk
Security geek, Containers, Kubernetes, Golang/Ruby, hillwalking

Home Page :- https://www.mccune.org.uk
Blog:- https://raesene.github.io
wow didn't expect something like this for heroku!
February 6, 2026 at 5:01 PM
Reposted by Rory McCune
If Bilbo had Chat GPT
January 27, 2026 at 4:24 PM
Reposted by Rory McCune
Want a clear analysis of the latest OpenSSL CMS/PKCS#12 vulnerabilities and their real-world impact? Our post explains the conditions required for exploitation and how to evaluate practical risk in your environment.
securitylabs.datadoghq.com/articles/ope...
OpenSSL January 2026 Security Update: CMS and PKCS#12 Buffer Overflows | Datadog Security Labs
A deep dive into OpenSSL’s January 2026 CMS and PKCS#12 vulnerabilities, including a pre-auth stack overflow and a PKCS#12 parsing bug.
securitylabs.datadoghq.com
January 27, 2026 at 7:07 PM
Reposted by Rory McCune
IDEs are the new browser: massive attack surface, privileged access to various things, and lots of “just trust it.” Today the Security Research Team at Datadog dropped IDE-SHEPHERD: a tool that watches extensions at runtime and blocks dangerous behavior.

securitylabs.datadoghq.com/articles/ide...
Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE | Datadog Security Labs
IDE-SHEPHERD is an open-source IDE security extension that provides real-time monitoring and protection for VS Code and Cursor. It intercepts malicious process executions, monitors network activity, a...
securitylabs.datadoghq.com
January 26, 2026 at 2:41 PM
Reposted by Rory McCune
THE WAIT IS OVER!

CFP is finally live 💣 💥

Lessons learned, things that broke, things that worked.... Bring'em all to the stage.

Here is the link:

sessionize.com/kcd-istanbul...

#cfp #community #event #kubernetes #cncf
January 23, 2026 at 5:23 PM
Reposted by Rory McCune
Do you have a KubeCon proposal that didn't get accepted? The CFP for Cloud Native Rejekts Amsterdam is still open, until January 17!

Submit!!! ᕕ(ᐛ)ᕗ

sessionize.com/cloud-native...
Cloud Native Rejekts EU 2026: Call for Speakers
Cloud Native Rejekts is the b-side conference giving a second chance to the many wonderful, but rejected talks leading to KubeCon + CloudNativeCon.Clo...
sessionize.com
January 14, 2026 at 1:04 PM
I've been meaning to write more about "the unpatchable 4", which are a set of Kubernetes CVEs for which there are no patches; you need to mitigate them with configuration or architecture choices.

First up is CVE-2020-8554.

securitylabs.datadoghq.com/articles/unp...
Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8554 | Datadog Security Labs
A look at how Kubernetes CVE-2020-8554 works
securitylabs.datadoghq.com
January 14, 2026 at 9:46 AM
Reposted by Rory McCune
📢#BsidesDublin2026 - 23/05/26📢

Mark those calendars. We are back with #BsidesDublin2026 on the 23 May 2026 in Trinity Business School, Trinity College, Dublin 2.

#earlyBird tickets on sale 10am 13th January 🥳
www.bsidesdub.ie/tickets.php
Security BSides Dublin : #BSidesDUB #BSidesDublin
Security BSides Dublin is an Information Security conference, by the community, for the community. Follow: @BSidesDublin
www.bsidesdub.ie
January 8, 2026 at 6:46 PM
Reposted by Rory McCune
Merry Christmas and Happy New Venue! Santa has been very kind to us and we're genuinely stoked to announce that Hack Glasgow 2026 will be hosted on Saturday 15th August at the Citizens Theatre!

You’ll hear more from us in the new year but for now, go tan that last mince pie.

Here we, here we…
HG x
December 25, 2025 at 12:01 PM
Reposted by Rory McCune
Can I tempt anyone to a new season of Klustered?
Klustered '26 - Live Kubernetes Debugging Competition
Where Kubernetes clusters meet their ultimate challenge. Watch experts debug sabotaged clusters live, with real chaos and no safety nets. Sign up to compete or spectate.
klustered.dev
December 18, 2025 at 4:44 PM
Reposted by Rory McCune
CVE-2025-13281: Portworx Half-Blind SSRF in kube-controller-manager -
CVE-2025-13281: Portworx Half-Blind SSRF in kube-controller-manager · Issue #135525 · kubernetes/kubernetes
CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N - Medium (5.8) A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portw...
github.com
December 2, 2025 at 1:56 PM
Reposted by Rory McCune
who decided to call it Secret Santa when Nondisclosure Claus was right there
December 1, 2025 at 10:55 PM
Reposted by Rory McCune
This seems really specific, but if you're:

✅ A security engineer
✅ UK based
✅ Looking for work
✅ Someone who loves cats

There's a remote role open now at Cats Protection that you might want to check out:
IT Security Engineer at Cats Protection
Apply now for IT Security Engineer, Remote at Cats Protection
careers.cats.org.uk
December 2, 2025 at 11:10 AM
Reposted by Rory McCune
The November Datadog Security Digest is out!

• A 2025 look at real-world Kubernetes version adoption by @mccune.org.uk
• Datadog threat roundup: Top insights for Q3 2025
• Analyzing network traffic from coding agents

... and more!

securitylabs.datadoghq.com/newsletters/...
2025 threat reports, Kubernetes version adoption, and how attackers use AI | Datadog Security Labs
This edition covers 2025 threat reports, Kubernetes version adoption, and how attackers use AI
securitylabs.datadoghq.com
November 26, 2025 at 4:19 PM
Reposted by Rory McCune
A few days ago, a new piece of malware started spreading in npm, compromising and backdooring hundreds of legitimate npm packages and GitHub users. Read the analysis from our security research team:

securitylabs.datadoghq.com/articles/sha...
November 26, 2025 at 8:57 AM
Reposted by Rory McCune
This is a great time to check out Dungeons & Dragons Online for free! Unlock dozens of quest packs at no cost with the coupon code GATHERYOURPARTY2025. Read more about this huge promotion on DDO.com: https://www.ddo.com/news/ddo-free-thankyou-2025 Available through December 31st, 2025! #DDO
A Thank You from Standing Stone Games 
Now through December 31st, 2025, enter the Coupon Code GATHERYOURPARTY2025 through Redeem Code in the DDO Store to grab 32-point builds, a premium class and race, plus 50+ quest packs, for free! Learn more on DDO.com. 
www.ddo.com
November 22, 2025 at 3:40 AM
Reposted by Rory McCune
I am flabbergasted that this worked with Grok.
November 20, 2025 at 10:33 PM
Reposted by Rory McCune
Looks like LLMs are *very* vulnerable to attack via poetic allusion: "curated poetic prompts yielded high attack-success rates (ASR), with some providers exceeding 90% ..."

https://arxiv.org/html/2511.15304v1
November 20, 2025 at 5:06 PM
Reposted by Rory McCune
Turns out you can communicate across containers via 63-bits of available space in a shared lock you acquire on /proc/self/ns/time that all processes have access to.

No networking required. The post has a demo of a chat app communicating across unprivileged containers.

h4x0r.org/funreliable/
November 12, 2025 at 2:35 PM
Reposted by Rory McCune
Hey #KubeCon, be extra kind to the staff today. One of them I chatted with yesterday whispered to me that people were giving them a hard time today
November 11, 2025 at 3:38 PM
We've got a new blog out looking at Kubernetes versions in use in real-world clusters, and it's actually quite good news from a security perspective.

securitylabs.datadoghq.com/articles/a-2...
A 2025 look at real-world Kubernetes version adoption | Datadog Security Labs
A 2025 look at real-world Kubernetes version adoption
securitylabs.datadoghq.com
November 10, 2025 at 11:10 AM
Reposted by Rory McCune
Kubernetes SIG Security is updating the OWASP Top 10 for Kubernetes, and we're seeking community input on it!

What do you think should be included? Fill out our survey here!
OWASP Kubernetes Top 10 2025 Survey
Kubernetes SIG Security Docs subproject is starting an update of the OWASP Kubernetes Top 10 and as such want to canvass ideas on what should be included. The goal of the Top 10 is to provide awarenes...
docs.google.com
October 31, 2025 at 8:44 PM
You've got just over a week to contribute feedback for the new OWASP Kubernetes Top 10 docs.google.com/forms/d/e/1F... . Thanks to all the people who have taken the time to contribute already!
October 23, 2025 at 12:34 PM
On the way home after a great @kcduk.bsky.social , thanks to all the organisers for putting on a lovely event in Edinburgh. Looking forward to hearing more about the next one once you’ve had time to recover from this one!
October 22, 2025 at 4:21 PM