Tag: container

Windows Docker Desktop Vulnerability Allows Full Host Compromise

Aug 22, 2025 8:54 AM

Tags: container, cve, cvss, cyber, docker, flaw, vulnerability, windows

A critical vulnerability in Docker Desktop for Windows has been discovered that allows any container to achieve full host system compromise through a simple Server-Side Request Forgery (SSRF) attack. The flaw, designated CVE-2025-9074, was patched in Docker Desktop version 4.44.3 released in August 2025. CVE Details CVE ID CVE-2025-9074 CVSS Score Critical (Estimated 9.0+) Affected…
Critical Vulnerability in Docker Desktop Allows Malicious Containers to Access Host System

Aug 21, 2025 1:55 PM

Tags: access, container, control, cve, docker, flaw, linux, malicious, risk, unauthorized, vulnerability

A severe security vulnerability identified as CVE-2025-9074 has been discovered in Docker Desktop, exposing users to critical risks where malicious containers can gain unauthorized access to the host system. This flaw impacts how Linux containers interact with the Docker Engine, potentially allowing attackers to control the host’s file system and execute privileged commands without proper…
ASPM buyer’s guide: 7 products to help secure your applications

Aug 20, 2025 10:56 AM

Tags: access, ai, api, application-security, attack, business, ceo, cloud, compliance, container, crowdstrike, data, detection, endpoint, exploit, gartner, google, guide, iam, identity, infrastructure, ivanti, marketplace, microsoft, monitoring, okta, open-source, oracle, programming, risk, software, supply-chain, threat, tool, vulnerability, vulnerability-management

Protect the software development lifecycle (SDLC) and supply chain pipelinesAutomate software testingIntegrate with various applications to mitigate and remove various risksFeatures offered by ASPMs vary widely. As a result, tools can prove difficult to evaluate in terms of exactly what is being protected, what data and metadata is being collected to inform security judgments, and…
5 key takeaways from Black Hat USA 2025

Aug 12, 2025 10:12 AM

Tags: access, api, attack, authentication, botnet, business, cisco, cloud, container, control, credentials, data, endpoint, exploit, firmware, flaw, framework, Hardware, iam, login, malicious, malware, network, password, programming, rce, remote-code-execution, service, software, technology, tool, update, usa, vulnerability, windows

Vaults can be cracked open: Critical vulnerabilities in popular enterprise credential vaults were unveiled by security researchers from Cyata during Black Hat.The flaws in various components of HashiCorp Vault and CyberArk Conjur, responsibly disclosed to the vendors and patched before their disclosure, stemmed from subtle logic flaws in authentication, validation, and policy enforcement mechanisms, as…
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out

Aug 8, 2025 3:11 PM

Tags: access, attack, container, credentials, cve, flaw, iam, mitigation, risk, vulnerability

Fargate is comparatively safe: Amazon’s design makes the EC2 host, not the container, the security boundary. When multiple tasks with varying IAM roles share the same EC2, the risk of lateral escalation via ECScape increases. AWS did not immediately respond to CSO’s request for comment.Sweet Security has recommended mitigations that include disabling or restricting IMDS…
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out

Aug 8, 2025 3:11 PM

Tags: access, attack, container, credentials, cve, flaw, iam, mitigation, risk, vulnerability

Fargate is comparatively safe: Amazon’s design makes the EC2 host, not the container, the security boundary. When multiple tasks with varying IAM roles share the same EC2, the risk of lateral escalation via ECScape increases. AWS did not immediately respond to CSO’s request for comment.Sweet Security has recommended mitigations that include disabling or restricting IMDS…
Beyond cryptocurrency: Blockchain 101 for CISOs and why it matters

Aug 8, 2025 2:11 PM

Tags: access, ai, api, attack, blockchain, breach, ciso, compliance, container, control, credentials, crypto, data, framework, gartner, governance, identity, incident response, infrastructure, international, malicious, nist, regulation, risk, saas, sbom, software, supply-chain, technology, threat, tool, unauthorized, vulnerability, zero-trust

Decentralization. Eliminates single points of failure or compromise Immutability. Data written to the chain is nearly impossible to change Verifiability. Stakeholders can independently verify logs or data integrity Transparency + confidentiality. You can audit metadata while encrypting sensitive content According to Gartner, 20% of large enterprises will use blockchain for digital trust initiatives by 2025. That’s not hype, it’s…
Beyond cryptocurrency: Blockchain 101 for CISOs and why it matters

Aug 8, 2025 2:11 PM

Tags: access, ai, api, attack, blockchain, breach, ciso, compliance, container, control, credentials, crypto, data, framework, gartner, governance, identity, incident response, infrastructure, international, malicious, nist, regulation, risk, saas, sbom, software, supply-chain, technology, threat, tool, unauthorized, vulnerability, zero-trust

Decentralization. Eliminates single points of failure or compromise Immutability. Data written to the chain is nearly impossible to change Verifiability. Stakeholders can independently verify logs or data integrity Transparency + confidentiality. You can audit metadata while encrypting sensitive content According to Gartner, 20% of large enterprises will use blockchain for digital trust initiatives by 2025. That’s not hype, it’s…
Beyond cryptocurrency: Blockchain 101 for CISOs and why it matters

Aug 8, 2025 2:11 PM

Tags: access, ai, api, attack, blockchain, breach, ciso, compliance, container, control, credentials, crypto, data, framework, gartner, governance, identity, incident response, infrastructure, international, malicious, nist, regulation, risk, saas, sbom, software, supply-chain, technology, threat, tool, unauthorized, vulnerability, zero-trust

Decentralization. Eliminates single points of failure or compromise Immutability. Data written to the chain is nearly impossible to change Verifiability. Stakeholders can independently verify logs or data integrity Transparency + confidentiality. You can audit metadata while encrypting sensitive content According to Gartner, 20% of large enterprises will use blockchain for digital trust initiatives by 2025. That’s not hype, it’s…
Amazon ECS Internal Protocol Exploited to Steal AWS Credentials from Other Tasks

Aug 8, 2025 11:11 AM

Tags: attack, container, credentials, cyber, exploit, malicious, service, vulnerability

Security researchers have disclosed a critical vulnerability in Amazon Elastic Container Service (ECS) that allows malicious containers to steal AWS credentials from other tasks running on the same EC2 instance. The attack, dubbed >>ECScape,
What is a CISO? The top IT security leader role explained

Aug 8, 2025 9:12 AM

Tags: access, authentication, breach, business, ceo, cio, cisa, ciso, compliance, computer, container, control, corporate, credentials, cyber, cybersecurity, data, ddos, defense, dns, encryption, exploit, finance, firewall, framework, fraud, guide, Hardware, healthcare, infosec, infrastructure, intelligence, international, jobs, kubernetes, mitigation, msp, mssp, network, nist, programming, RedTeam, regulation, risk, risk-management, security-incident, service, skills, software, strategy, technology, threat, training, vpn, zero-day, zero-trust

. You’ll often hear people say the difference between the two is that CISOs focus entirely on information security issues, while a CSOs remit is wider, also taking in physical security as well as risk management.But reality is messier. Many companies, especially smaller ones, have only one C-level security officer, called a CSO, with IT…
Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking

Aug 7, 2025 11:11 PM

Tags: access, cloud, container, iam, service, software

A software developer discovered a way to abuse an undocumented protocol in Amazon’s Elastic Container Service to escalate privileges, cross boundaries and gain access to other cloud resources. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/privilege-escalation-amazon-ecs-iam-hijacking
PCI 4.0-Konformität sicherstellen durch File-Integrity-Monitoring für Container

Aug 7, 2025 4:11 PM

Tags: compliance, container, infrastructure, kubernetes, monitoring, PCI, vulnerability-management

Der zunehmende Einsatz von Containern hat die moderne Infrastruktur revolutioniert und ermöglicht schnellere Innovationen und eine größere Skalierbarkeit. Diese Transformation bringt jedoch auch eine neue Welle von Compliance-Herausforderungen mit sich. PCI-DSS 4.0 führt strengere Anforderungen für das Schwachstellenmanagement und das File-Integrity-Monitoring (FIM) in dynamischen Umgebungen wie Kubernetes und containerisierten Workloads ein. Für viele Sicherheits- und…
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Aug 7, 2025 1:12 AM

Tags: access, attack, cloud, container, control, credentials, cybersecurity, data, exploit, flaw, service, theft

Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment.The attack technique has been codenamed ECScape by Sweet Security researcher Naor Haziz, who presented the findings today at the…
What Identity Federation Means for Workloads in Cloud-Native Environments

Aug 7, 2025 12:11 AM

Tags: api, cloud, container, identity, infrastructure, jobs, saas, service, tool

7 min readManaging identity across cloud providers used to be a human problem think SSO portals and workforce identity sync. However, as infrastructure becomes more automated, the real fragmentation now resides between workloads: CI/CD pipelines authenticating to SaaS tools, containers accessing APIs, and jobs calling into services across clouds. Each environment has its identity system,…
The AI Security Dilemma: Navigating the High-Stakes World of Cloud AI

Aug 6, 2025 11:11 PM

Tags: access, ai, attack, cloud, container, control, credentials, cve, data, data-breach, flaw, google, identity, infrastructure, intelligence, least-privilege, microsoft, risk, service, software, tool, training, vulnerability, vulnerability-management

AI presents an incredible opportunity for organizations even as it expands the attack surface in new and complex ways. For security leaders, the goal isn’t to stop AI adoption but to enable it securely. Artificial Intelligence is no longer on the horizon; it’s here, and it’s being built and deployed in the cloud at a…
Minimal, Hardened, and Updated Daily: The New Standard for Secure Containers

Aug 5, 2025 3:28 PM

Tags: container, linux, software, startup, supply-chain

Chainguard provides DevSecOps teams with a library of secure-by-default container images so that they don’t have to worry about software supply chain vulnerabilities. The startup is expanding its focus to include Java and Linux, as well. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/minimal-hardened-updated-daily-new-standard-secure-containers
Ransomware goes cloud native to target your backup infrastructure

Aug 5, 2025 10:28 AM

Tags: access, api, authentication, backup, cloud, container, control, credentials, cybercrime, data, defense, exploit, google, group, identity, infrastructure, least-privilege, linkedin, linux, malicious, malware, mfa, north-korea, ransomware, social-engineering, strategy, threat, vulnerability, vulnerability-management

Credential compromise and misconfiguration woes: More sophisticated threat groups have developed social engineering techniques to the point where they reliably trick targets into helping them to bypass multi-factor authentication (MFA) controls before ransacking compromised cloud-hosted environments.For example, threat actors are using compromised OAuth tokens to bypass MFA and inject malicious code into developer ecosystems via…
CISA releases Thorium, an open-source, scalable platform for malware analysis

Aug 4, 2025 2:28 PM

Tags: access, ceo, cio, cisa, compliance, container, control, cyber, cybersecurity, data, docker, framework, github, governance, incident response, kubernetes, malware, open-source, privacy, risk, skills, tool

Rethinking malware analysis at scale: Enterprise-grade malware analysis tools and platforms have been widely used in the security community. But many of them require paid licenses, lack orchestration at scale, or are difficult to integrate with enterprise workflows. Experts view Thorium as a significant democratization of advanced malware analysis technology.”It is a big deal as…
Kali Linux can now run in Apple containers on macOS systems

Jul 31, 2025 9:28 PM

Tags: apple, container, cybersecurity, kali, linux, macOS

Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple’s new containerization framework. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kali-linux-can-now-run-in-apple-containers-on-macos-systems/
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

Jul 31, 2025 4:28 PM

Tags: access, attack, cloud, container, crypto, docker, hacker, jobs, korea, linkedin, malicious, malware, north-korea, programming, social-engineering, software, threat

The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram.”Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their First seen on…
Applying Tenable’s Risk-based Vulnerability Management to the Australian Cyber Security Centre’s Essential Eight

Jul 30, 2025 7:29 PM

Tags: ai, attack, breach, business, cloud, compliance, container, control, cvss, cyber, cybersecurity, data, data-breach, defense, endpoint, finance, firewall, framework, google, government, identity, incident response, infrastructure, intelligence, Internet, microsoft, mitigation, network, ransomware, risk, service, software, strategy, technology, threat, tool, update, vpn, vulnerability, vulnerability-management, windows, zero-day

Learn how Thales Cyber Services uses Tenable to help customers navigate the maturity levels of the Essential Eight, enabling vulnerability management and staying ahead of cyber threats. In today’s fast-moving digital world, cyber threats are more advanced and relentless than ever. A single security breach can mean financial loss, reputational damage and operational chaos. That’s…
Google patches Gemini CLI tool after prompt injection flaw uncovered

Jul 29, 2025 10:28 PM

Tags: ai, attack, container, docker, exploit, flaw, google, injection, macOS, malicious, open-source, tool, vulnerability

README.md GNU Public License file of the sort that would be part of any open source repo.The researchers then uncovered a combination of smaller weaknesses that could be exploited together to run malicious shell commands without the user’s knowledge. The first weakness is that Gemini CLI sensibly allows users to allowlist frequent commands, for example,…
Researchers Release PoC Exploit for High-Severity NVIDIA AI Toolkit Bug

Jul 21, 2025 4:40 PM

Tags: access, ai, container, cve, cvss, cyber, exploit, flaw, malicious, nvidia, vulnerability

Wiz Research has disclosed a severe vulnerability in the NVIDIA Container Toolkit (NCT), dubbed #NVIDIAScape and tracked as CVE-2025-23266 with a CVSS score of 9.0, enabling malicious containers to escape isolation and gain root access on host systems. This flaw, stemming from a misconfiguration in OCI hook handling, affects NCT versions up to 1.17.7 (in…
Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services

Jul 18, 2025 1:40 PM

Tags: ai, cloud, container, cve, cvss, cybersecurity, flaw, google, nvidia, service, threat, vulnerability

Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services.The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamed NVIDIAScape by Google-owned cloud security company Wiz.”NVIDIA Container Toolkit for all platforms contains…
H2Miner Targets Linux, Windows, and Containers to Illicitly Mine Monero

Jul 17, 2025 5:40 PM

Tags: attack, botnet, container, crypto, cyber, finance, infrastructure, linux, threat, windows

FortiGuard Labs researchers have uncovered a sophisticated cryptomining campaign where the H2Miner botnet, active since late 2019, has expanded its operations to target Linux, Windows, and containerized environments simultaneously. The campaign represents a significant evolution in cross-platform cryptocurrency mining attacks, with threat actors leveraging updated scripts and infrastructure to maximize financial gains from compromised systems.…
NVIDIA Container Toolkit Vulnerability Allows Privileged Code Execution by Attackers

Jul 17, 2025 1:40 PM

Tags: container, cyber, nvidia, update, vulnerability

NVIDIA has released critical security updates addressing two significant vulnerabilities in its Container Toolkit and GPU Operator that could allow attackers to execute arbitrary code with elevated privileges. The vulnerabilities, discovered in July 2025, affect all versions of the Container Toolkit up to 1.17.7 and GPU Operator up to 25.3.0, prompting immediate security patches and…
Security in the Era of AI-speed Exploits

Jul 14, 2025 12:40 PM

Tags: ai, attack, container, exploit

Modern AI attacks require runtime guardrails capable of spanning application, container and node/host runtime environments comprehensively. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/security-in-the-era-of-ai-speed-exploits/
Hackers Weaponize Compiled HTML Help to Deliver Malicious Payload

Jul 14, 2025 12:40 PM

Tags: container, cyber, exploit, hacker, infection, malicious, malware, microsoft, threat

Threat actors have exploited Microsoft Compiled HTML Help (CHM) files to distribute malware, with a notable sample named deklaracja.chm uploaded to VirusTotal from Poland. This CHM file, a binary container for compressed HTML and associated objects, serves as a delivery vehicle for a multi-stage infection chain. Upon execution via the default hh.exe handler, the file…
AWS bolsters security tools to help customers manage AI risks

Jul 11, 2025 10:40 PM

Tags: ai, container, detection, intelligence, risk, service, threat, tool

Amazon Web Services has unveiled new and updated security services, including container-level threat detection and a unified command centre, to help organisations build and secure artificial intelligence applications First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627572/AWS-bolsters-security-tools-to-help-customers-manage-AI-risks