How a pod running as root and with a mount point to the node's /var/log directory can expose the entire contents of its host filesystem to any user who has access to its logs. Also interesting for understanding how 'kubectl logs' works.

How an attacker who manages to run malicious code on a cluster can successfully spoof DNS responses to all the applications running on the cluster, and from there execute a MITM attack on all network traffic of pods.

How an attacker can persist on a vulnerable Lambda instance and gain access to other invocations. With the release of a companion tool.

A company's journey with Istio, highlighting their Istio adoption strategy and overall journey so far.

Nice post which focuses on how to design a microservices network architecture on GCP.

If you haven't used Cartography yet, I highly recommend to take a look at it.

These icons are a way to standardize Kubernetes architecture diagrams for presentations.