Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The recent news about Google’s multi-billion-dollar acquisition of Wiz has sparked widespread conversation across the cybersecurity world. Its price tag reflects its strong reputation, Wiz is a leader in Cloud Security Posture Management (CSPM) solution. Its strength lies in identifying potential risks before they impact your live environment.

ARMO researchers reveal a major blind spot in Linux runtime security tools caused by the io_uring interface—an asynchronous I/O mechanism that bypasses traditional system calls. Most tools, including Falco, Tetragon, and Microsoft Defender fail to detect rootkits using io_uring because they rely on syscall monitoring. ARMO’s proof-of-concept rootkit, Curing, operates fully via io_uring to demonstrate the threat.

The best way to understand real-world attacks is to observe them in the wild. Following this principle, our research team set up a decoy Kubernetes workload designed to attract malicious actors – a honeypot in a Kubernetes cluster we named the “Honey-pod.” Inside this pod, we deployed Apache Druid, a popular open-source analytics database known for its scalability and, unfortunately, for a history of exploitable vulnerabilities.

Kubernetes 1.33 marks another exciting milestone in the evolution of this widely adopted container orchestration platform. A big shoutout to the release team for their hard work and contributions! In this update, Kubernetes continues to enhance its capabilities to meet the ever-evolving demands of modern cloud-native environments. Let’s take a closer look at the key security improvements and other features that caught our attention.

With DHS ending MITRE’s CVE funding, the future of global vulnerability tracking is uncertain. Here’s what it means for security teams and what comes next.

The answer depends on who you ask – and how they approach threat detection.

Software supply chain attacks cost businesses $45.8 billion globally in 2023 alone, and is projected to exceed $80.6 billion by 2026. According to Gartner’s projection, 45% of organizations will experience software supply chain attacks this year. These emphasize the importance of software supply chain security and the need for every organisation to prioritize it.

Containerization, a form of lightweight virtualization, lets applications inhabit their own self-contained environments. Each container packages everything an application needs to run – code, runtime, libraries – keeping it neatly separated from everything else. This isolation is a big deal because it means a problem in one container won’t bring down the whole environment.

On March 24, 2025, Wiz Research disclosed a series of critical vulnerabilities in Ingress NGINX Controller for Kubernetes, collectively dubbed: These unauthenticated Remote Code Execution (RCE) vulnerabilities have been assigned a CVSS base score of 9.8. According to Wiz Research, exploitation allows attackers to gain unauthorized access to all secrets across all namespaces in affected Kubernetes clusters, potentially leading to complete cluster takeover.

As organizations increasingly adopt cloud-native architectures, they face a sprawling attack surface with novel threats that traditional security measures struggle to manage. ARMO’s Behavioral Cloud Application Detection and Response (CADR) offers the precise solution to these problems. It is designed to address the complexities and challenges of securing cloud-native applications in runtime.