kubernetes

A deceptively small flaw in Helm’s dependency update path can let a malicious chart turn a routine developer action into local code execution — an issue tracked as CVE-2025-53547 and fixed in Helm v3.18.4. The bug hinges on how fields from a crafted Chart.yaml are carried into Chart.lock and how...

A specially crafted Helm chart archive can expand into an enormous decompressed payload that exhausts available memory and kills the Helm process — a denial‑of‑service vector tracked as CVE‑2025‑32386 — and while Microsoft’s update guide currently names Azure Linux as a product that “includes...

Podman’s kube play command contains a symlink traversal flaw that can let a malicious or compromised container cause Podman to overwrite arbitrary files on the host filesystem — a high‑severity integrity and availability risk that was fixed in Podman v5.6.1 but remains a critical operational...

Certifications remain one of the fastest, most visible ways for developers to signal skill and land higher-paying roles in 2026 — but the landscape has shifted. Analytics Insight’s recent roundup of the “Most In‑Demand Programming Certifications 2026” mapped the headline winners (cloud, AI/ML...

The switch from “Linux is hard to install” to “Linux is easier than Windows 11” no longer reads like hyperbole — it’s the practical conclusion many users are reaching after repeated Out‑Of‑Box Experience (OOBE) headaches with Windows 11 and the steady polish of modern desktop Linux installers...

Azure’s container story is shifting from “you manage the plumbing” to “we manage the plumbing — and the plumbing auto‑scales, auto‑secures, and plugs into AI,” and that shift was on full display in the Azure CTO Mark Russinovich keynote and follow‑ups that outlined what’s next for Azure...

A critical KEDA vulnerability — tracked as CVE-2025-68476 — allows an attacker with the ability to create or modify TriggerAuthentication resources to read arbitrary files from the node filesystem by abusing the HashiCorp Vault service account credential handling in vulnerable KEDA releases, and...

Infrastructure as Code (IaC) is no longer an optional convenience for serious DevOps teams — it’s a foundational discipline that governs speed, repeatability, security, and cost control across cloud, container and hybrid platforms in 2025. The recent ET CIO roundup of the “10 Best IaC Tools for...

Microsoft’s recent push to make Azure Kubernetes Service (AKS) friendlier to AI workloads and less hostile to everyday operators marks one of the clearest signals yet that the company intends to make Kubernetes both more capable and more approachable for mainstream enterprise teams. The wave of...

Red Hat OpenShift at the Edge has emerged as one of the most architecturally ambitious and commercially visible choices for enterprise edge computing, promising a single, secure Kubernetes stack that can scale from tightly constrained device-edge appliances to multi‑node near‑edge clusters while...

The Server Side’s recent roundup of practice material for Microsoft’s Azure certifications functions as both a practical study roadmap and a disciplined warning about the exam‑dump economy — and it also doubles as an unexpected primer on cloud‑native operational best practices that every...

Anyscale and Microsoft have launched a co‑engineered, first‑party Azure service that brings Ray’s AI‑native distributed compute into Azure as a fully managed offering, entering private preview on November 4, 2025 and positioned for general availability in 2026. Background Modern AI workloads...

Microsoft’s cloud stack suffered a high‑visibility disruption that left Microsoft 365 users locked out of Teams, Azure admin consoles and even Minecraft authentication for several hours, with engineers tracing the fault to Azure Front Door capacity and routing issues that required targeted...

Microsoft Azure customers reported widespread trouble accessing the Azure Portal and other services on October 9, 2025, after Microsoft confirmed a capacity loss in Azure Front Door (AFD) that produced intermittent portal outages and downstream service degradation across parts of Europe and...

Microsoft’s new Image Customizer for Azure Linux promises to shrink what used to be a lengthy, VM-driven image build process into a predictable, chroot-based workflow that operators can run in minutes — while integrating integrity protections such as dm-verity and code-integrity controls...

Microsoft has made Azure Kubernetes Service (AKS) Automatic generally available, offering an “opinionated” — but fully Kubernetes‑compatible — managed mode that stitches together autoscaling, node lifecycle management, observability, and security defaults to deliver production‑ready clusters...

Microsoft's Azure Linux 3.0.20250910 quietly introduces an optional Linux 6.12 LTS hardware‑enablement (HWE) kernel, giving Azure customers a supported path to newer device drivers and platform features while preserving the conservative, proven 6.6 LTS kernel as the default. Background /...

Microsoft's Azure Linux 3.0.20250910 adds an optional Linux 6.12 LTS hardware‑enablement (HWE) kernel, giving Azure customers a supported path to newer device drivers and platform improvements while keeping the existing Linux 6.6 LTS kernel available for conservative deployments. Background...

Microsoft’s AKS Automatic is the kind of product that reads like a direct answer to a single question enterprises have been asking for years: how do we keep Kubernetes’ benefits without paying an ever‑rising Kubernetes tax in staff, time, and outages? Background Kubernetes is the default runtime...

Azure has made a decisive push to lower the operational friction of Kubernetes with the general availability of Azure Kubernetes Service (AKS) Automatic — an opinionated, fully managed mode of AKS that ships production-ready clusters with preselected networking, security, scaling, and...