Rory McCune
@mccune.org.uk
Security geek, Containers, Kubernetes, Golang/Ruby, hillwalking

Home Page :- https://www.mccune.org.uk
Blog:- https://raesene.github.io
Reposted by Rory McCune
CVE-2025-13281: Portworx Half-Blind SSRF in kube-controller-manager -
CVE-2025-13281: Portworx Half-Blind SSRF in kube-controller-manager · Issue #135525 · kubernetes/kubernetes
CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N - Medium (5.8) A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portw...
github.com
December 2, 2025 at 1:56 PM
Reposted by Rory McCune
who decided to call it Secret Santa when Nondisclosure Claus was right there
December 1, 2025 at 10:55 PM
Reposted by Rory McCune
This seems really specific, but if you're:

✅ A security engineer
✅ UK based
✅ Looking for work
✅ Someone who loves cats

There's a remote role open now at Cats Protection that you might want to check out:
IT Security Engineer at Cats Protection
Apply now for IT Security Engineer, Remote at Cats Protection
careers.cats.org.uk
December 2, 2025 at 11:10 AM
Reposted by Rory McCune
The November Datadog Security Digest is out!

• A 2025 look at real-world Kubernetes version adoption by @mccune.org.uk
• Datadog threat roundup: Top insights for Q3 2025
• Analyzing network traffic from coding agents

... and more!

securitylabs.datadoghq.com/newsletters/...
2025 threat reports, Kubernetes version adoption, and how attackers use AI | Datadog Security Labs
This edition covers 2025 threat reports, Kubernetes version adoption, and how attackers use AI
securitylabs.datadoghq.com
November 26, 2025 at 4:19 PM
Reposted by Rory McCune
A few days ago, a new piece of malware started spreading in npm, compromising and backdooring hundreds of legitimate npm packages and GitHub users. Read the analysis from our security research team:

securitylabs.datadoghq.com/articles/sha...
November 26, 2025 at 8:57 AM
Reposted by Rory McCune
This is a great time to check out Dungeons & Dragons Online for free! Unlock dozens of quest packs at no cost with the coupon code GATHERYOURPARTY2025. Read more about this huge promotion on DDO.com: https://www.ddo.com/news/ddo-free-thankyou-2025 Available through December 31st, 2025! #DDO
A Thank You from Standing Stone Games 
Now through December 31st, 2025, enter the Coupon Code GATHERYOURPARTY2025 through Redeem Code in the DDO Store to grab 32-point builds, a premium class and race, plus 50+ quest packs, for free! Learn more on DDO.com. 
www.ddo.com
November 22, 2025 at 3:40 AM
Reposted by Rory McCune
I am flabbergasted that this worked with Grok.
November 20, 2025 at 10:33 PM
Reposted by Rory McCune
Looks like LLMs are *very* vulnerable to attack via poetic allusion: "curated poetic prompts yielded high attack-success rates (ASR), with some providers exceeding 90% ..."

https://arxiv.org/html/2511.15304v1
November 20, 2025 at 5:06 PM
Reposted by Rory McCune
Turns out you can communicate across containers via 63-bits of available space in a shared lock you acquire on /proc/self/ns/time that all processes have access to.

No networking required. The post has a demo of a chat app communicating across unprivileged containers.

h4x0r.org/funreliable/
November 12, 2025 at 2:35 PM
Reposted by Rory McCune
Hey #KubeCon, be extra kind to the staff today. One of them I chatted with yesterday whispered to me that people were giving them a hard time today
November 11, 2025 at 3:38 PM
We've got a new blog out looking at Kubernetes versions in use in real-world clusters, and it's actually quite good news from a security perspective.

securitylabs.datadoghq.com/articles/a-2...
A 2025 look at real-world Kubernetes version adoption | Datadog Security Labs
A 2025 look at real-world Kubernetes version adoption
securitylabs.datadoghq.com
November 10, 2025 at 11:10 AM
Reposted by Rory McCune
Kubernetes SIG Security is updating the OWASP Top 10 for Kubernetes, and we're seeking community input on it!

What do you think should be included? Fill out our survey here!
OWASP Kubernetes Top 10 2025 Survey
Kubernetes SIG Security Docs subproject is starting an update of the OWASP Kubernetes Top 10 and as such want to canvas ideas on what should be included. The goal of the Top 10 is to provide awarenes...
docs.google.com
October 31, 2025 at 8:44 PM
You've got just over a week to contribute feedback for the new OWASP Kubernetes Top 10 docs.google.com/forms/d/e/1F... . Thanks to all the people who have taken the time to contribute already!
OWASP Kubernetes Top 10 2025 Survey
Kubernetes SIG Security Docs subproject is starting an update of the OWASP Kubernetes Top 10 and as such want to canvas ideas on what should be included. The goal of the Top 10 is to provide awarenes...
docs.google.com
October 23, 2025 at 12:34 PM
On the way home after a great @kcduk.bsky.social, thanks to all the organisers for putting on a lovely event in Edinburgh. Looking forward to hearing more about the next one once you’ve had time to recover from this one!
October 22, 2025 at 4:21 PM
Reposted by Rory McCune
I'm not sure about @randyshoup.bsky.social (who is a great speaker!) but I really had to work at presentations and talks. It didn't come naturally.

So don't worry if you're nervous or your first talks aren't amazing. It's something that definitely gets easier with practice!
As evidenced by you and me, amirite?
October 22, 2025 at 10:21 AM
Reposted by Rory McCune
@mt165.co.uk it's talking about trade and geography in Scotland. But he showed a map of Scotland without Shetland. Which is basically a diplomatic incident as far as I'm concerned.
October 21, 2025 at 9:08 AM
Reposted by Rory McCune
😈 Copilot Studio agents are great for users... and attackers! Check out our deep-dive on why you should be careful to trust unknown agents, plus background on upcoming app consent changes that will help prevent our demo scenario.
securitylabs.datadoghq.com/articles/cop...
CoPhish: Using Microsoft Copilot Studio as a wrapper for OAuth phishing | Datadog Security Labs
Copilot Studio links look benign, but they can host content to redirect users to arbitrary URLs. In this post, we document a method by which a Copilot Studio agent's login settings can redirect a user...
securitylabs.datadoghq.com
October 20, 2025 at 1:24 PM
Reposted by Rory McCune
Our final ticket release is at 1337hrs on 11/11/25. They're only available on our Eventbrite page; if none are shown, they are all gone. No code is required to get one.
If you have a ticket and can no longer go, cancel your ticket so someone else can!
#BSidesLDN2025 #Tickets
October 17, 2025 at 8:51 AM
Reposted by Rory McCune
Holy guacamole, this could be the weirdest story I ever worked on. www.nytimes.com/2025/10/16/s...
A C.I.A. Secret Kept for 35 Years Is Found in the Smithsonian’s Vault
www.nytimes.com
October 16, 2025 at 10:50 AM
Reposted by Rory McCune
📚 The 2nd edition of 🔒Container Security 🔒 is out now! 📚
bookshop.org/p/books/cont...
Container Security: Fundamental Technology Concepts That Protect Cloud Native Applications
bookshop.org
October 12, 2025 at 5:31 PM
Reposted by Rory McCune
Folks who think "cats are not loving" have never been loved by a cat.
October 9, 2025 at 7:25 PM
Reposted by Rory McCune
Our State of Cloud Security 2025 study is out!

www.datadoghq.com/state-of-clo...

• On AWS, 40% of organizations leverage data perimeters
• 11% of Google Cloud GKE and 23% of Google Cloud VMs are overprivileged
• On Azure, 1.3% of storage containers are public, 58% proactively block public access
State of Cloud Security | Datadog
For our 2025 report, we analyzed AWS, Google Cloud, and Azure data from thousands of organizations to understand the latest trends in cloud security posture.
www.datadoghq.com
October 8, 2025 at 9:10 PM
Reposted by Rory McCune
When it comes to #K8s security, we don’t just say we care. We double down on what makes a system fundamentally secure.

And that's the topic of our next webinar.

📅 Thurs Oct 9 @ 18:00 CEST
🎙️ Justin Garrison + Rory McCune

Join us --> streamyard.com/watch/cmw4tY...
Is your Kubernetes secure?
Kubernetes is not secure by default. Default configurations often lack the stringent security controls needed to protect across bare metal and edge. Its broad attack surface demands additional…
streamyard.com
October 8, 2025 at 8:01 AM
Calling all Kubernetes security interested folk. We're planning the next version of the OWASP Kubernetes Top 10, and have a survey to solicit ideas and feedback here docs.google.com/forms/d/e/1F... . Shouldn't take more than a couple of minutes to fill out and all feedback's welcome!
OWASP Kubernetes Top 10 2025 Survey
We're looking to update the OWASP Kubernetes Top 10 and as such want to canvas ideas on what should be included. The goal of the Top 10 is to provide awareness on the most serious risks that Kubernet...
docs.google.com
October 6, 2025 at 1:10 PM
Reposted by Rory McCune
The team formerly behind RubyGems has come together to launch a new gem server for the Ruby community!

gem.coop

I am *super* excited about this!
gem.coop
October 6, 2025 at 4:33 AM