Back to Newsletter Feed

The New Stack January 29, 2026 06:02

TNS Daily | January 28

View Original Article

Newsletter Content

View In Browser

January 28, 2026

New Kubernetes 'vulnerability' actually a feature

A security researcher found a new Kubernetes vulnerability but it turned out to be a deliberate feature, reports TNS Senior Editor Joab Jackson.

Security researcher Graham Helton found the Kubernetes vulnerability, which allows users with read-only permission to run arbitrary and even privileged commands on any pod in a cluster. The twist? When Helton reported the hole in November, Kubernetes maintainers promptly closed the ticket, labeling it “intended behavior.”

This discovery forces IT leaders to ask whether they’re prioritizing telemetry at the expense of security.

Read the full news piece to learn how the vulnerability works and how to address it.

In other stories we’re following today:

Interested in building AI agents? Learn about Mastra, a framework that uses TypeScript to create and orchestrate agents.
Google today announced AI features for the Chrome browser that include a new Auto Browse feature, a new AI side panel for Gemini interactions, and integration with its imaging model. TNS Senior Editor for AI Frederic Lardinois drills down into what these Gemini-powered features bring to the browser.

by Loraine Lawson

TOP OF THE STACK

Kubernetes telemetry feature fully compromises clusters

by Joab Jackson

Featued image for: Kubernetes telemetry feature fully compromises clusters

Kubernetes' nodes/proxy GET call, commonly used by monitoring tools, can be exploited to execute privileged commands and compromise entire clusters without leaving an audit trail. It's a feature, not a bug.

If Kubernetes admins don't have enough to worry about with the upcoming Nginx gateway cutoff, they now may need to rifle through their Helm charts to potentially thwart a dangerous setting. Security researcher Graham Helton has...

WHAT ELSE IS NEW?

Featued image for: Mastra empowers web devs to build AI agents in TypeScript

AI Agents
Mastra empowers web devs to build AI agents in TypeScript

by Loraine Lawson

Featued image for: With Auto Browse, Google Chrome can now surf the web for you

AI
With Auto Browse, Google Chrome can now surf the web for you

by Frederic Lardinois

Featued image for: A decade of werf, a software delivery tool for Kubernetes

Containers
A decade of werf, a software delivery tool for Kubernetes

by Dmitry Shurupov

Featued image for: Drupal turns 25: From simple to complex — then simple again

Frontend Development
Drupal turns 25: From simple to complex — then simple again

by Richard MacManus

Featued image for: Agoda’s secret to 50x scale: Getting the database basics right

Databases
Agoda’s secret to 50x scale: Getting the database basics right

by Cynthia Dunlop

Featued image for: Terraform challenger Formae expands to more clouds

Infrastructure as Code
Terraform challenger Formae expands to more clouds

by Joab Jackson

Featued image for: Open Responses vs. Chat Completion: A new era for AI apps

AI Engineering
Open Responses vs. Chat Completion: A new era for AI apps

by Janakiram MSV

Featued image for: The agentic revolution: A new vision for SREs

AI Agents
The agentic revolution: A new vision for SREs

by Mandi Walls

Featued image for: How to secure Vertex AI pipelines with Google Cloud tools

AI
How to secure Vertex AI pipelines with Google Cloud tools

by Advait Patel

Featued image for: Ai2 makes building custom coding agents easier and cheaper

AI Agents
Ai2 makes building custom coding agents easier and cheaper

by Frederic Lardinois

The year of AI: 3 critical shifts coming to regulated industries

From our partner

2026 is a pivotal year for AI in regulated industries, driven by breakthroughs in legacy modernization, predictive security, and development.

FLOW STATE

WebAssembly vs. JavaScript: testing side-by-side performance

How much faster is WebAssembly than JavaScript for heavy data processing? We do a side-by-side test using an image processor built with Rust.

Explore the article

On-demand: why cloud cost optimization isn’t broken

Explore how shifting cost optimization left embeds governance, security, and efficiency into your designs without slowing developers down.

Catch the replay

Look: should enterprises run containers in VMs or bare metal?

Bare metal may be considered more efficient, but enterprise Kubernetes users have other concerns that make virtual machines appealing.

TNS Makers: CTO Chris Aniszczyk on the CNCF push for AI interoperability

In this episode of The Makers, CNCF CTO Chris Aniszczyk discusses what AI agents and microservices have in common.

Watch the episode

How did we do today?

The New Stack is a media platform for the people who build and manage software the world relies on.

Become a TNS Sponsor

© 2026 the New Stack. All rights reserved.

You’re receiving this email because you signed-up at thenewstack.io.

Mailing Address:
The New Stack 1111 6th Ave Ste 550 PMB 50938 San Diego, CA 92101-5211

CONNECT

Details

Source:
The New Stack

Date:
Jan 29, 2026 06:02

Category:
Technical

Actions

Original Article All Newsletters