Graham Helton (too much for zblock)
senior red team engineer @snowflake | former grocery store bagger He/him :wq!
Jan 26 11 tweets 4 min read
Excited to disclose my research allowing RCE in Kubernetes

It allows running arbitrary commands in EVERY pod in a cluster using a commonly granted "read only" RBAC permission. This is not logged and allows for trivial Pod breakout.

Unfortunately, this will NOT be patched. I initially disclosed this in November of 2025 to the Kubernetes bug bounty program.

After much back and forth, it was decided that this "this behavior is working as intended" despite the risk it poses. I disagree.
Jun 21, 2025 34 tweets 5 min read
Before moving from my role at Google to Snowflake I sat down and did a braindump of all the guidelines that I follow (or followed at one point and wanted to reintroduce).

For those interested, here are the ~34 guidelines that made the cut Read all the documentation for products you’re working on. Understand how they work in and out as early as often. Read them in full. It will take days or weeks. Find all the docs possible. Talk to people about them. Annotate them with questions and ideas.
Nov 8, 2024 6 tweets 2 min read
The purchase of Comptia and Offsec by private equity firms should indicate trouble is looming in the security world.

Expect to pay more for lower quality certifications.

If you're in a hiring position, start identifying ways you can identify quality candidates without certs. If you couldn't already tell, this is frustrating to me and is part of why I push everyone to have some sort of public proof of their competence in a subject that isn't a certification.

Blogging is a great way to demonstrate your skills without needing to pay cert providers.
Oct 26, 2024 9 tweets 2 min read
This is a really interesting move from Apple.

Challenging researchers via a $1,000,000 bug bounty for their new Private Cloud Compute technology, releasing source code, architecture docs, and tooling means Apple is VERY confident in this tech. 1/?

security.apple.com/blog/pcc-secur… 1. Back in June, Apple announced their “Private Cloud Compute” technology which allows for workloads originating on an Apple device to be processed on a device in the cloud with higher, more specialized, computational hardware.
Jan 16, 2024 11 tweets 3 min read
Alright here are my thoughts after digging into NixOS this weekend, buckle up because I have some thoughts on how it could be used for both personal use and in a security setting: NixOS (not to be confused with *nix or the Nix package manager) is a Linux distro that aims to be reproducible, declarative, and reliable. It has a few different ways of accomplishing this:
Dec 11, 2022 7 tweets 2 min read
What are some tools you can't live without? Here are a few I use:

1. Bpytop: A better version of the Linux `top` command
2. Flameshot: Without a doubt the best screenshot utility. (Yes, even better than greenshot)
flameshot.org
Jul 4, 2022 4 tweets 1 min read
(1/?) Thread of all the stuff I did today: 🧵👇 /Thread Thanks for reading.
Sep 29, 2021 5 tweets 2 min read
Working in security is an endless battle between learning and forgetting information. I've recently realized one of the most important decisions I made early on to combat this was learning to take notes in markdown. A Thread🧵 ~95% of your time in security is spent learning, documenting, or writing in some fashion. If you can master the art of markdown you will be unbelievably effective in an area that 99% of people dread because they're still using Word or Google Docs.
Sep 27, 2021 7 tweets 2 min read
Some random thoughts on what I've learned over the past few years of doing cyber security. A thread 🧵 1/5 I'm convinced that the capacity to sit down and follow a checklist to learn a topic or technology is the only differentiator between people who are good at security and people who are not. Yes, lots of things are complex but you don't need to be an expert in every tool/technology.