Kubesploit
News and links on Kubernetes security curated by the @Learnk8s team Website: https://kubesploit.io/
Subscribers: 2 062 (+3 in 24 hours, -4 in 7 days, +11 in 30 days)
Attracting Subscribers
| Month | Subscriber Growth | Channels |
| June '26 | +31 | 3 |
| May '26 | +49 | 3 |
| April '26 | +36 | 3 |
| March '26 | +65 | 5 |
| February '26 | +35 | 1 |
| January '26 | +29 | 1 |
| December '25 | +44 | 3 |
| November '25 | +35 | 2 |
| October '25 | +23 | 2 |
| September '25 | +18 | 2 |
| August '25 | +22 | 2 |
| July '25 | +38 | 2 |
| June '25 | +18 | 3 |
| May '25 | +28 | 2 |
| April '25 | +18 | 2 |
| March '25 | +23 | 3 |
| February '25 | +23 | 1 |
| January '25 | +28 | 2 |
| December '24 | +49 | 1 |
| November '24 | +106 | 2 |
| October '24 | +103 | 2 |
| September '24 | +94 | 2 |
| August '24 | +147 | 3 |
| July '24 | +62 | 2 |
| June '24 | +66 | 3 |
| May '24 | +91 | 2 |
| April '24 | +122 | 3 |
| March '24 | +76 | 3 |
| February '24 | +57 | 2 |
| January '24 | +56 | 2 |
| December '23 | +79 | 2 |
| November '23 | +21 | 3 |
| October '23 | +23 | 2 |
| September '23 | +28 | 0 |
| August '23 | +12 | 0 |
| July '23 | +26 | 0 |
| June '23 | +30 | 0 |
| May '23 | +42 | 0 |
| April '23 | +27 | 0 |
| March '23 | +81 | 0 |
| February '23 | +17 | 0 |
| January '23 | +35 | 0 |
| December '22 | +22 | 0 |
| November '22 | +34 | 0 |
| October '22 | +23 | 0 |
| September '22 | +32 | 0 |
| August '22 | +19 | 0 |
| July '22 | +32 | 0 |
| June '22 | +22 | 0 |
| May '22 | +104 | 0 |
| April '22 | +36 | 0 |
| March '22 | +33 | 0 |
| February '22 | +18 | 0 |
| January '22 | +22 | 0 |
| December '21 | +12 | 0 |
| November '21 | +45 | 0 |
| October '21 | +388 | 0 |

| Date | Subscriber Growth | Mentions | Channels |
| 25 June | +3 | | |
| 24 June | +3 | | |
| 23 June | +2 | | |
| 22 June | 0 | | |
| 21 June | +1 | | |
| 20 June | 0 | | |
| 19 June | 0 | | |
| 18 June | 0 | | |
| 17 June | +2 | | |
| 16 June | +2 | | |
| 15 June | 0 | | |
| 14 June | 0 | | |
| 13 June | 0 | | |
| 12 June | +1 | | |
| 11 June | +3 | | |
| 10 June | 0 | | |
| 09 June | +2 | | |
| 08 June | +1 | | |
| 07 June | +2 | | |
| 06 June | +2 | | |
| 05 June | +1 | | |
| 04 June | +1 | | |
| 03 June | +4 | | |
| 02 June | +1 | | |
| 01 June | 0 | | |
Channel Posts
| 1 | This article explains how to use Gatekeeper to enforce in-cluster admission policies, such as rejecting :latest images, mandating labels, and disallowing privileged workloads.
More: https://ku.bz/1Zskfkkvg |
| 2 | This tutorial shows how to run OWASP ZAP scans inside GitHub Actions using SecureCodeBox on a Kubernetes kind cluster.
More: https://ku.bz/nDZJpmg5F | 146 |
| 3 | This week on Learn Kubernetes Weekly 189:
- Zero-Downtime Kubernetes Ingress Controllers on GCP
- Architecting GPUaaS for Enterprise AI On-Prem
- Conditions, Phases, and Declarative Phase Rules in Kubernetes Operators
- Container-Aware GOMAXPROCS
- Why Your Kubernetes Pod Was OOM Killed and Who Really Killed It
Read it now: https://kube.today/issues/189
⭐️ This issue is brought to you by Solanica - replace RDS with a self-hosted DBaaS on your own Kubernetes clusters with automated Day 2 operations and zero vendor lock-in https://ku.bz/NTszfwH40 | 96 |
| 4 | This guide walks through deploying Istio via Terraform and Helm to secure service-to-service and external communication with mTLS, automatic sidecar injection, and encrypted ingress via Istio Gateway.
More: https://ku.bz/wxcXWRYy2 | 161 |
| 5 | Kogaro continuously validates Kubernetes config with 60+ checks across reference, resource, security, image, and network domains, catching silent failures before they impact production.
More: https://ku.bz/_DdDJ5wzj | 578 |
| 6 | AI can quickly create Kubernetes changes, but it is still important to validate them.
Mauricio Salatino from Dash0 tests generated manifests before releasing them. He uses tools like vCluster Bind and provides clear examples to ensure the output matches established patterns.
Good governance begins with testing, understanding the context, and setting clear expectations.
Watch the full interview: https://ku.bz/Q7q0K2RyH | 262 |
| 7 | Netfence runs as a daemon, injecting eBPF filter programs into cgroups and network interfaces, with a built-in DNS server that resolves allowed domains and populates IP allowlists, and connecting to a central control plane to synchronize network rules.
More: https://ku.bz/wCc37BMNY | 190 |
| 8 | This article covers network security fundamentals in Kubernetes, explaining how clusters default to a flat pod network, how network policies enforce segmentation, and best practices like "default deny" and restricting host networking.
More: https://ku.bz/T2VfCvjdJ | 205 |
| 9 | Hortator lets AI agents spawn sub-agents at runtime, with each agent running in its own pod with budget caps, network policies, PII redaction, and capability inheritance so children can never escalate beyond their parent's permissions.
More: https://ku.bz/kh47Xb28t | 153 |
| 10 | Artem Lajko explains OS-level observability - the deepest layer of Kubernetes monitoring focused on infrastructure security and performance.
He describes how specialized tools like Falco and eBPF monitor system calls and kernel events to detect security threats. Using the example of unauthorized container shell access, Artem demonstrates how this layer provides platform teams and security engineers with deep insights while maintaining system performance.
Watch the full episode: https://ku.bz/9sGxhmm8s | 199 |
| 11 | This tutorial shows how to deploy OpenClaw on Kubernetes with a Helm chart and ArgoCD, using persistent storage, config modes, secrets handling, and network policies to reduce the blast radius of an AI agent.
More: https://ku.bz/4-b9pCNFz | 161 |
| 12 | This article shows how to configure Role-Based Access Control (RBAC) in Kubernetes Engine (GKE), create roles, role bindings, and enforce least privilege across namespaces and cluster APIs.
More: https://ku.bz/RFzkXpXg9 | 183 |
| 13 | Nicholaos Mouzourakis, Staff Product Security Engineer at Gusto, explains how they implemented auditable decision logging for Open Policy Agent (OPA) in their Kubernetes environment. He describes how Styra's Declarative Authorization Service (DAS) ingests and indexes OPA decision logs from all instances, making them searchable in a centralized location.
Nicholaos details how DAS enables:
- Searching for actions taken by specific users
- Identifying users with access to particular resources
- Tracking when and how access was granted
- Simulating policy changes against historical decision logs
He also mentions how they overcame challenges with legacy batch decision logs that weren't easily searchable by implementing a new batch API provided by Styra.
Watch the full episode: https://kube.fm https://ku.bz/S-2vQ_j-4 | 155 |
| 14 | This week on Learn Kubernetes Weekly 188:
- When ipBlock Breaks HTTPS in Kubernetes: Debugging NetworkPolicy, Traefik, and Hairpin Routing
- How Nginx's New resolve Directive Finally Fixed Our Kubernetes 502s
- Before You Implement KEDA, Do This First
- Why Your CI/CD Pipeline Failures Still Need a Human - And How We're Changing That
- Your SLOs Should Be Kubernetes Resources, Not Grafana Dashboards
Read it now: https://kube.today/issues/188
⭐️ This newsletter is brought to you by LearnKube - master Kubernetes with hands-on training designed for engineers who want to learn the smart way https://ku.bz/7py0zX-ct | 133 |
| 15 | This tutorial teaches how to extend EKS with hybrid nodes using IAM Roles Anywhere and HashiCorp Vault for secure authentication of on-premises or edge workloads.
More: https://ku.bz/s3DxFxdHf | 327 |
| 16 | This tutorial teaches how to collect Prometheus metrics from Kubernetes clusters and securely route them to remote Prometheus instances using Vector with mTLS encryption.
More: https://ku.bz/_QBDYV4t7 | 379 |
| 17 | This tutorial teaches how to secure LLM inference services on Kubernetes using Authorino and Envoy for authentication and authorization.
More: https://ku.bz/NWFrLKFbF | 337 |
| 18 | This tutorial teaches how to implement container image signature verification in Kubernetes using Cosign for signing, Kyverno for policy enforcement, and Sigstore Policy Controller for admission control.
More: https://ku.bz/vT_tmP0lj | 346 |
| 19 | This tutorial shows how to secure east-west traffic in GKE using an Internal Regional Gateway with Envoy proxies, certificates, HTTP Routes with path rewriting, and a zero-trust architecture for service-to-service communication.
More: https://ku.bz/VqqYrclKm | 840 |
| 20 | This week on Learn Kubernetes Weekly 187:
- Applying Kubernetes Patterns to LLM Workloads
- Why Your Grafana is Slow on Kubernetes (and 3 Replicas Won't Fix It)
- Observability at Albert Heijn
- Vibe Coding a Kubernetes Media Server: What I Learned About AI-First Engineering
- Installing Kong Gateway Custom Plugins on Kubernetes using Helm Charts
Read it now: https://kube.today/issues/187
⭐️ This newsletter is brought to you by WeAreDevelopers World Congress - The World's Largest Event for Developers, AI Builders & Tech Leaders https://ku.bz/cwnthSpPK | 256 |