A security researcher revealed a Kubernetes vulnerability that allows users with read-only permissions to execute arbitrary commands on pods. This exploit stems from the nodes/proxy GET resource, which many monitoring tools use, and poses significant risks to cluster security. Until the upcoming KEP-2862 is fully implemented, organizations need to audit their permissions and consider stricter access controls.

Wazuh is an open-source security platform for threat prevention, detection, and response across various environments, including on-premises and cloud. It features agents for monitoring systems and a management server for data analysis, integrating with the Elastic Stack for enhanced visibility. Key functionalities include intrusion detection, log analysis, and compliance monitoring.