November’s Patch Tuesday brought critical zero-days being actively exploited, reminding us that patch management is still the unglamorous foundation of security.
CISA’s Secure by Design initiative is moving from voluntary pledges to measurable industry impact, and software vendors are starting to feel the pressure.
With OpenTelemetry’s logging signal reaching GA status, the project now covers all three pillars of observability with stable APIs, fulfilling a long-standing promise to the industry.
Docker’s new Model Runner feature brings local AI model execution into the Docker Desktop workflow, blurring the line between containers and inference.
CVE-2025-1974 and related vulnerabilities in the Kubernetes ingress-nginx controller allow unauthenticated remote code execution, affecting an estimated 40% of Kubernetes clusters.