"Your Container Is Not a Sandbox" — an entire article on container security that never mentions SELinux. Not once. That's not an oversight, it's an agenda.

I'm not anti-microVM. But containers *do* contain. I run OpenClaw --read-only with SELinux enforcing. Add seccomp, dropped caps, user namespaces — defense in depth works.

https://emirb.github.io/blog/microvm-2026/

#containers #SELinux #microVMs #Linux #security

🐧✨ "Local-first #Linux #MicroVMs for macOS" is basically a hipster's dream: tiny, ephemeral VMs that are the tech equivalent of a gluten-free, artisanal, cold brew coffee. ☕️🚫 It's like #Docker, but with more #buzzwords and fewer reasons to exist. 😂💻
https://shuru.run #LocalFirst #macOS #TechHumor #HackerNews #ngated
shuru - Local-first microVM sandbox for AI agents

Local-first microVM sandbox for AI agents on macOS


https://docs.docker.com/ai/sandboxes/ - #Docker #Sandbox is now based on #MicroVMs so it can block or augment network traffic from the #AI #Agent. E.g. inject credentials. #security #containers
Docker Sandboxes

Run AI coding agents in isolated environments

Docker Documentation
Clan is ambitiously planning a secure peer-to-peer #platform but can't decide if it's a blog, a chat, or a code project. 🤔 Apparently, they're using everything but the kitchen sink: #Nix, #microVMs, and even GPUs. 😂 Here's to hoping it can "beat" Big Tech by 2025, because nothing says success like a confusing 8-minute read! 🚀
https://clan.lol/blog/towards-app-platform-vmtech/ #secureP2P #development #BigTech #HackerNews #ngated
Towards a secure peer-to-peer app platform for Clan

feat. Nix, microVMs, and GPUs

Bottlefire – Build single-executable microVMs from Docker images

https://bottlefire.dev/

#HackerNews #Bottlefire #Docker #MicroVMs #Containerization #DevOps


Has anyone ever heard of #katacontainers (https://katacontainers.io)?

Those are #microvms and are supposed to be more secure than #container, but lighter than VMs. Sounds exciting, especially since they can be used as a #runtime in #docker or also in #k8s.

I only read about it yesterday, when I was looking at #firercracker (https://firecracker-microvm.github.io).

Kata Containers - Open Source Container Runtime Software

Kata Containers is an open source container runtime, building lightweight virtual machines that seamlessly plug into the containers ecosystem.

At #KubeConNA2024, we demoed super fast, hardware-protected micro-VMs with Hyperlight—executing untrusted code in just 900µs!

Read how we achieved this & try the demo yourself: 🔗 https://opensource.microsoft.com/blog/2025/02/11/hyperlight-creating-a-0-0009-second-micro-vm-execution-time/

#RustLang #WebAssembly #CloudNative #MicroVMs

Hyperlight: Achieving 0.0009-second micro-VM execution time - Microsoft Open Source Blog

In this post, we’ll take the demo application and show how it demonstrates one way you can use Hyperlight in your applications. Learn more.

Microsoft Open Source Blog
To those who believe #Firecracker is a good idea for running #containers in another protective layer: you should just migrate to #QEMU #microvms on #SmartOS, which will protect the #VM within a container.

Hey @dexter, when will #bhyve support microvms (https://www.qemu.org/docs/master/system/i386/microvm.html)? I am curious to see if @cperciva's #FreeBSD kernel work allowing it to boot in ~20ms works over there, and gets carried over into #OmniOS.
‘microvm’ virtual platform (microvm) — QEMU documentation