Devops

Context: decades-old vulnerabilities, still exploitable The Mythos Preview report (April 2026) highlighted an uncomfortable reality: among the 10,000+ vulnerabilities identified, the most critical ones are not necessarily the most recent. The SACK TCP bug in OpenBSD has been around for 27 years. The FFmpeg H.264 buffer overflow for 16 years. The FreeBSD NFS stack overflow for 17 years. What has changed is the speed at which these flaws can now be exploited. With AI-assisted exploitation tools, the window between a patch being published and active exploitation is now measured in hours, not weeks. ...

In professional environments, Azure databases (PostgreSQL, MySQL, SQL Server…) are often exposed exclusively via a Private Endpoint: they are only reachable within the Azure private network, with no public IP. The result: from your development workstation, it is impossible to connect directly using a client like DBeaver or psql. However, the AKS cluster (Azure Kubernetes Service) running in the same VNet does have access. This guide explains how to leverage that fact to create a secure tunnel to the database, without modifying any network rules or opening a single public port. ...

Taints and Tolerations let you repel pods from certain nodes. It is the inverse mechanism of Node Affinity (which attracts pods). The two are complementary and are often both necessary for a production workload. The concept A Taint is placed on a node: it signals that the node does not accept pods by default. A Toleration is declared in a pod: it allows the pod to tolerate a specific Taint and be scheduled on that node. ...