🔒 Container Security - CWhiting · Scour

Sandboxing for dummies: Process isolation, seccomp and writing good policies 📦Namespaces

renato.boo·3d·Hacker News

How we contain Claude across products 🤖Anthropic Claude API

simonwillison.net·1d·Hacker News

Open-Source Alternatives to E2B for Sandboxed Code Execution 🔒Runtime Security

beam.cloud·18h

Mitigating CVE-2026-31431 (“Copy Fail”) in Docker Engine 🔒Runtime Security

gumieri/nenya: A lightweight, highly secure AI API Gateway/Proxy written in Go. Acts as transparent middleware between local AI coding clients (OpenCode/Pi/Cursor) and upstream LLM providers (Gemini, DeepSeek, Zhipu z.ai). 📋OpenAPI

Dirty Frag: a kernel zero-day vs. container and microVM sandboxes 💣Binary Exploitation

news.ycombinator.com·4d·Hacker News

The Good, the Bad, and the Ugly: Hacking 3 Cloud Providers with 1 Vulnerability ☁️Cloud Security

youtube.com·6d

From Exploit Code to Production Detection: Building a CVE-2026-31431 (Copy Fail) detection with Agents 💣Binary Exploitation

securitylabs.datadoghq.com·4d

Kisyntra/Agent_Sudo: Local permission gateway for AI agents with approvals, delegation, audit logging, and MCP integration. 📋AGENTS.md

github.com·1d·DEV

CIFSwitch (cifs.spnego LPE): Mitigation and Kernel Update on CloudLinux 🛡️Exploit Mitigations

blog.cloudlinux.com·3d

Security updates for Tuesday [LWN.net] 📟Firmware Analysis

Top Daytona.io Alternatives 🔒Runtime Security

beam.cloud·18h

Kubernetes Study Path — From kubectl to a Production Cluster 📦Namespaces

semicolony.dev·6d·Hacker News

Small and standalone mDNS responder using the Traefik API 📊Self-Hosted Analytics

codeberg.org·6d·r/homelab

octelium/cordium: Open-source sandbox platform with identity-based secretless infrastructure access for developers and AI agents on Kubernetes 🔒Runtime Security

github.com·6d·Hacker News, Hacker News

Manage MCP servers on Red Hat OpenShift with the MCP lifecycle operator 💻Personal Computing

System Calls 📞System Calls

internals-for-interns.com·6d

Teleport-env – <500ms stateful rollbacks for AI agents via CRIU 🤖Network Automation

github.com·4d·Hacker News

The Untrusted Autonomous Workload: How AI Coding Agents Reshape What Isolation Has to Do 🔒Runtime Security

[Project] Bashqueues: A shell-native, policy-driven IPC and job management system (Seeking technical feedback) 🛡️CLI Security

github.com·4d·r/linux

Log in to enable infinite scrolling