A security researcher revealed a Kubernetes vulnerability that allows users with read-only permissions to execute arbitrary commands on pods. This exploit stems from the nodes/proxy GET resource, which many monitoring tools use, and poses significant risks to cluster security. Until the upcoming KEP-2862 is fully implemented, organizations need to audit their permissions and consider stricter access controls.

COMmander is a lightweight C# tool designed to enhance defensive telemetry for RPC and COM by utilizing the Microsoft-Windows-RPC ETW provider to monitor system events based on user-defined detection rules. It operates by reading a configuration file to filter and detect specific RPC events, while logging relevant information in the Windows Event Viewer. Installation and uninstallation processes are straightforward, requiring administrator privileges for executing PowerShell scripts.