Can a hostile container sneak past your eBPF tracing? Sometimes, yes.
With @ostifofficial.bsky.social & @cncf.io we audited Inspektor Gadget - 3 vulns (fixed), 6 hardenings, 6 bypasses (io_uring, openat2, jumbo frames…).
Work by ndaprela & @suidpit.sh👏
🔗 www.shielder.com/blog/2026/04...
Security audit of Inspektor Gadget, an eBPF-based observability framework for Linux and Kubernetes. Sponsored by the CNCF (Cloud Native Computing Foundation), facilitated by Open Source Technology Imp...
