Tag: container

500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise

Apr 21, 2026 9:39 PM

Tags: cloud, container, cvss, data, detection, endpoint, exploit, threat, tool, vulnerability

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint detection and response platforms, vulnerability scanners, cloud security posture tools, container image scanners. A large organization can easily accumulate hundreds of thousands of individual findings. The standard response is to sort by CVSS score, filter for criticals, and……
Top techniques attackers use to infiltrate your systems today

Apr 21, 2026 11:39 AM

Tags: 2fa, access, ai, api, attack, authentication, automation, business, captcha, cloud, container, control, corporate, credentials, cybercrime, cybersecurity, data, deep-fake, defense, detection, email, exploit, flaw, hacking, Hardware, identity, infrastructure, least-privilege, malicious, mfa, microsoft, monitoring, network, password, phishing, powershell, ransomware, risk, saas, scam, service, social-engineering, software, supply-chain, theft, tool, training, vpn, vulnerability, worm

Network security device hacking: Network edge devices have increasingly drawn attackers’ attention over the past two years, establishing a new battleground where the very devices meant to protect the network have become attractive targets for exploitation.As a result, flaws in security device, such as SSL VPN systems and other gateways, are among the top initial…
Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic

Apr 15, 2026 12:52 AM

Tags: ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisa, cloud, compliance, container, control, cve, cvss, cyber, cybersecurity, data, data-breach, endpoint, exploit, fedramp, finance, flaw, framework, governance, group, HIPAA, identity, injection, insurance, kev, law, linkedin, linux, LLM, macOS, network, PCI, risk, service, soc, software, strategy, technology, threat, update, vulnerability, vulnerability-management, windows, zero-day, zero-trust

With the Federal Reserve Chairman meeting with bank CEOs to discuss the security implications of Claude Mythos, you can bet that your board of directors will ask you about the impact of the AI model on your cybersecurity strategy. Here’s how to prepare. Key takeaways Anthropic announced Claude Mythos Preview, its most powerful general-purpose frontier…
Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)

Apr 14, 2026 10:53 PM

Tags: advisory, api, attack, best-practice, cloud, container, cve, cvss, cyber, data, exploit, firewall, firmware, flaw, framework, github, Internet, malicious, microsoft, mitigation, office, powershell, rce, remote-code-execution, service, software, sql, startup, tool, update, vulnerability, windows, zero-day

8Critical 154Important 1Moderate 0Low Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild. Microsoft patched 163 CVEs in its April 2026 Patch Tuesday release, with eight rated critical, 154 rated as important and one rated as moderate. This is the second…
Kubernetes Is Eating Production: Why Usage Keeps Climbing Into 2026

Apr 14, 2026 4:52 PM

Tags: cloud, container, infrastructure, kubernetes, software

<div cla Kubernetes isn’t just up in 2026; it’s becoming the default foundation for production software and AI. The latest CNCF Annual Cloud Native Survey shows that Kubernetes is now the backbone of production infrastructure, with 82% of container users running Kubernetes in production and 94% either running, piloting, or evaluating it. At this point,…
Die achte Nutanix-Studie mit dem Enterprise Cloud Index – KI liebt Container, erzeugt Schatten-IT und organisatorische Silos

Apr 14, 2026 12:52 PM

Tags: ai, cloud, container

First seen on security-insider.de Jump to article: www.security-insider.de/ki-liebt-container-erzeugt-schatten-it-und-organisatorische-silos-a-9a52a772733fc6815a5fdf9cd31ef61b/
Old Docker authorization bypass pops up despite previous patch

Apr 10, 2026 9:52 PM

Tags: access, api, botnet, cloud, container, credentials, data, docker, exploit, flaw, monitoring, tool, update, vulnerability

No one checked oversized requests: While the previous authorization bypass was triggered when request Content-Length was set to 0, no one checked at the time what would happen in the same function if the request exceeded a certain size.”When an API request body exceeds 1MB, Docker’s middleware silently drops the body before your authorization plugin…
Kubernetes Strategy: When It’s a Fit and Who Should Run It

Apr 8, 2026 6:52 PM

Tags: container, infrastructure, kubernetes, skills, strategy, technology

<div cla Many organizations that use containers now run at least some production workloads on Kubernetes, and it comes up in most infrastructure discussions. But not every organization actually needs it or needs to run it themselves. This Q&A explains when Kubernetes is a good fit, when it’s overkill, what skills you need, and how…
Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

Apr 8, 2026 2:52 PM

Tags: access, ai, authentication, container, cve, data, data-breach, docker, exploit, flaw, hacker, injection, intelligence, linkedin, network, update, vulnerability

Hackers exploit unpatched instances: While a patch has been available for months, a recent VulnCheck finding places the first in-the-wild exploitation on April 6. Caitlin Condon, VP of Security Research at the vulnerability intelligence company, warned of the abuse through a LinkedIn post.”Early this morning, VulnCheck’s Canary network began detecting first-time exploitation of CVE-2025-59528, an…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
5 practical steps to strengthen attack resilience with attack surface management

Apr 7, 2026 9:54 PM

Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, container, control, credentials, cvss, cyber, cybersecurity, data, data-breach, detection, dns, email, endpoint, exploit, framework, government, identity, iot, malicious, monitoring, msp, network, nist, phishing, ransomware, resilience, risk, service, social-engineering, software, threat, tool, update, vpn, vulnerability, vulnerability-management, windows

What can attackers actually reach right now? By continuously identifying and prioritizing exposure across your environment, ASM transforms raw visibility into measurable cyber resilience.Below are five practical steps security teams can take to strengthen attack resilience using attack surface management principles. Effective attack surface management starts with complete visibility. Security gaps often appear because teams…
Container Security Without Context Is Just More Noise

Apr 7, 2026 5:51 PM

Tags: container, docker

Smarter container security with Docker Hardened Images. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/container-security-without-context-is-just-more-noise/
Kubernetes Flaws Let Hackers Jump From Containers to Cloud Accounts

Apr 7, 2026 2:50 PM

Tags: cloud, container, cyber, flaw, hacker, identity, kubernetes, theft

Hackers are increasingly abusing Kubernetes misconfigurations to jump from containers into high”‘value cloud accounts, turning a single compromised pod into full cloud”‘level access. This trend is accelerating rapidly, with Kubernetes”‘related identity abuse and token-theft operations growing sharply across enterprise environments. Kubernetes now underpins many large”‘scale applications, making it a prime target for attackers who want…
Supply Chain Attacks Surge in March 2026

Apr 4, 2026 5:53 AM

Tags: access, ai, api, attack, authentication, awareness, cloud, container, control, corporate, credentials, crypto, data-breach, github, group, hacking, identity, infrastructure, Internet, kubernetes, least-privilege, linux, LLM, macOS, malicious, malware, mfa, network, north-korea, open-source, openai, phishing, pypi, software, startup, supply-chain, threat, tool, update, vulnerability, windows

IntroductionThere was a significant increase in software supply chain attacks in March 2026. There were five major software supply-chain attacks that occurred including the Axios NPM package compromise, which has been attributed to a North Korean threat actor. In addition, a hacking group known as TeamPCP was able to compromise Trivy (a vulnerability scanner), KICS…
Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain

Apr 3, 2026 4:51 PM

Tags: container, open-source, software, supply-chain

The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open-source artifacts across containers, libraries, Actions and skills. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/chainguard-factory-automate-hardening-software-supply-chain
Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain

Apr 3, 2026 4:51 PM

Tags: container, open-source, software, supply-chain

The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open-source artifacts across containers, libraries, Actions and skills. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/chainguard-factory-automate-hardening-software-supply-chain
The State of Trusted Open Source Report

Apr 2, 2026 2:51 PM

Tags: container, data, open-source, vulnerability

In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on what teams pull, deploy, and maintain day to day, alongside…
How Sonatype’s Container Scanning Protects You From Zero-Days

Apr 1, 2026 5:29 PM

Tags: container, programming, software, tool, zero-day

<div cla Software development moves fast, and engineering teams face intense pressure to deliver applications securely without slowing down. Containers offer incredible speed and portability, allowing developers to build and deploy applications rapidly. But this speed introduces hidden risks when organizations rely on inadequate tools to secure their environments. First seen on securityboulevard.com Jump to…
What’s new in Tenable Cloud Security: Custom policies, AWS ABAC, and research-driven protection

Mar 31, 2026 6:31 PM

Tags: access, ai, api, attack, automation, business, cloud, container, control, cve, data, data-breach, exploit, framework, google, governance, iam, identity, intelligence, least-privilege, malicious, monitoring, network, remote-code-execution, risk, risk-analysis, service, software, strategy, supply-chain, threat, tool, unauthorized, update, vulnerability

Stop the noise and scale your cloud security. Our latest updates introduce custom policy automation via Explorer, AWS ABAC support for true least privilege, and research-backed protection against critical vulnerabilities, all designed to slash MTTR without disrupting your DevOps workflows. Key takeaways Automated governance via Explorer: Harness the power of Tenable’s unified data model, transforming…
Why Kubernetes controllers are the perfect backdoor

Mar 30, 2026 12:30 PM

Tags: access, api, automation, backdoor, compliance, container, control, kubernetes, malicious, mitre, service, threat

Figure 1: Anatomy of a controller-based attack. The malicious webhook intercepts legitimate pod creation requests and injects a backdoor sidecar before the object is persisted to etcd. Niranjan Kumar Sharma As illustrated in Figure 1, this webhook acts as a controller. Every time a legitimate pod is created (e.g., a payment service), the API server sends…
Breaking out: Can AI agents escape their sandboxes?

Mar 30, 2026 7:30 AM

Tags: access, ai, container

Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without direct access to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/30/ai-agents-container-breakout-capabilities-research/
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

Mar 25, 2026 1:47 PM

Tags: access, advisory, api, attack, cloud, container, credentials, data, exploit, extortion, github, group, infrastructure, malicious, malware, open-source, pypi, supply-chain, tactics, tool, vulnerability

An expanding supply-chain campaign: The LiteLLM incident has been confirmed to be a part of the rapidly unfolding TeamPCP supply chain campaign that first compromised Trivy.Trivy, developed by Aqua Security, is a widely used open-source vulnerability scanner designed to identify security issues in container images, file systems, and infrastructure-as-code (IaC) configurations. The ongoing attack, attributed…
GoHarbor Issues Urgent Patch for Harbor Flaw Allowing Full Registry Compromise

Mar 25, 2026 1:47 PM

Tags: container, credentials, cve, cyber, flaw, open-source, supply-chain, update, vulnerability

A critical security flaw in GoHarbor’s Harbor container registry exposes organizations to severe supply chain attacks. Tracked as CVE-2026-4404, this vulnerability stems from hardcoded default credentials that remain active unless manually altered by an administrator. Harbor functions as an open-source, OCI-compliant registry project designed to store, sign, and manage container images. Because it plays a…
44 Aqua Security repositories defaced after Trivy supply chain breach

Mar 23, 2026 4:47 PM

Tags: breach, container, docker, github, malicious, malware, risk, supply-chain

Malicious Trivy images on Docker Hub spread infostealer malware, exposing developers after a supply chain attack. Researchers found malicious Trivy images on Docker Hub linked to a supply chain attack. Versions 0.69.40.69.6, now removed, contained TeamPCP infostealer code. Suspicious tags were pushed without matching GitHub releases, increasing the risk to developers using compromised container images.…
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Mar 23, 2026 10:47 AM

Tags: attack, container, cybersecurity, docker, kubernetes, malicious, radius, supply-chain, worm

Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer environments.The last known clean release of Trivy on Docker Hub is 0.69.3. The malicious versions 0.69.4, 0.69.5, and 0.69.6 have since been removed from the container image library.”New image tags 0.69.5 and…
Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps

Mar 23, 2026 7:46 AM

Tags: compliance, container, gitlab, open-source

GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/23/plumber-open-source-gitlab-ci-cd-compliance-scanner/
Trusted Java Containers: Azul Zulu OpenJDK Joins Docker’s Official Images

Mar 20, 2026 10:10 PM

Tags: container, docker

Azul Zulu OpenJDK is now available as Docker Official images on Docker Hub, giving developers trusted, secure, and verified Java for their container builds. Learn all about it here. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/trusted-java-containers-azul-zulu-openjdk-joins-dockers-official-images/
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Mar 20, 2026 8:10 PM

Tags: container, docker, github, malware, open-source, vulnerability

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets.The latest incident impacted GitHub Actions “aquasecurity/trivy-action” and “aquasecurity/setup-trivy,” which are used to scan Docker container images for vulnerabilities and set up GitHub Actions workflow First seen…
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Mar 20, 2026 8:10 PM

Tags: container, docker, github, malware, open-source, vulnerability

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets.The latest incident impacted GitHub Actions “aquasecurity/trivy-action” and “aquasecurity/setup-trivy,” which are used to scan Docker container images for vulnerabilities and set up GitHub Actions workflow First seen…