Kubernetes v1.36, due late April 2026, retires Ingress NGINX for security reasons and deprecates the .spec.externalIPs field, forcing users to adopt modern ingress patterns.

Gateway API v1.5 released with six experimental features promoted to stable, including ListenerSet, TLSRoute, and CORS filter. New release train model ensures predictable cadence.

Kubernetes v1.36 'Haru' released with 70 enhancements: 18 stable, 25 beta, 25 alpha. New theme inspired by Hokusai. Deprecations and removals included.

Kubernetes v1.37 will enable SELinuxMount by default, optimizing volume labeling but potentially breaking apps that depend on recursive relabeling. Audit clusters now in v1.36.

Kubernetes v1.36 makes User Namespaces GA, enabling rootless containers with transparent ID-mapped mounts for security without performance penalties.

Kubernetes v1.36 makes fine-grained kubelet API authorization GA, replacing dangerous nodes/proxy permission that allowed arbitrary code execution via WebSocket abuse.

Kubernetes v1.36 promotes mutable pod resources for suspended Jobs to beta, allowing queue controllers to adjust CPU/GPU/memory specs on the fly without recreating Jobs.

Kubernetes v1.36 introduces atomic FIFO queues and new observability tools to prevent controller staleness, reducing risk of silent failures.

Kubernetes v1.36 introduces tiered memory protection with opt-in reservation, separating throttling from hard/soft limits per QoS class to reduce OOM risk.

Kubernetes v1.36 promotes In-Place Pod-Level Resources Vertical Scaling to Beta, enabled by default, allowing dynamic pod resource adjustments without container restarts.

Autonomous AI assistants like OpenClaw offer productivity gains but introduce new security risks, as illustrated by a real incident where an agent deleted emails uncontrollably.

Microsoft fixes 77 vulnerabilities in March 2026, no zero-days. Key patches: SQL Server EOP, Office RCE, privilege escalation bugs, and an AI-discovered flaw.

Iran-linked hacktivist group Handala claims wiper attack on Stryker, erasing data from 200,000 systems, forcing shutdown of offices in 79 countries, as retaliation for US missile strike on Iranian school.

U.S., Canada, and Germany dismantle four IoT botnets affecting 3 million devices, used in record DDoS attacks and extortion.

TeamPCP deploys wiper worm targeting Iranian systems via cloud misconfigurations. The self-propagating CanisterWorm wipes data based on timezone and language settings.

German authorities unmask Daniil Shchukin as UNKN, mastermind of REvil and GandCrab ransomware, revealing over $35 million in damages and 130 attacks.

Russian GRU hackers compromised 18K+ routers to steal Microsoft Office OAuth tokens via DNS hijacking, targeting government agencies and using no malware.

Senior Scattered Spider member Tyler Robert Buchanan pleads guilty to wire fraud and identity theft for 2022 phishing and SIM swapping attacks, faces over 20 years.

Security researchers discover a Brazilian DDoS protection firm's systems were used to launch massive attacks against local ISPs, exposing a botnet built from insecure routers and DNS servers.

Google's TurboQuant compresses KV cache memory by up to 4x in LLMs, reducing inference costs by 60% and enabling million-token contexts without accuracy loss.