Tag: docker
-
Vulnerability prioritization beyond the CVSS number
Tags: automation, container, credentials, cve, cvss, data, docker, endpoint, flaw, github, identity, network, open-source, risk, service, update, vulnerability, vulnerability-managementA different way to look at vulnerabilities: This is where the unified linkage model (ULM) comes in. Instead of asking, “How bad is this vulnerability on its own?” ULM asks, “What can this vulnerability affect once it starts moving?”It focuses on three kinds of relationships:Adjacency: Systems that sit side by side and can influence each…
-
Sophisticated VoidLink malware framework targets Linux cloud servers
Cloud reconnaissance and adaptability: The malware was designed to detect whether it’s being executed on various cloud platforms such as AWS, GCP, Azure, Alibaba, and Tencent and then to start leveraging those vendors’ management APIs. The code suggests the developers plan to add detections for Huawei, DigitalOcean, and Vultr in the future.The malware collects extensive…
-
Free Docker Hardened Images challenge Chainguard
Docker calls out Chainguard by making all its hardened container images available free, while Chainguard expands its support for open source security. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366636656/Free-Docker-Hardened-Images-challenge-Chainguard
-
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in, they’re blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut “hacker stories” now looks more like a mirror of the systems we all use.This week’s findings show…
-
Docker Releases Free, Production-Grade Hardened Container Images
Docker has released its production-grade hardened container images as a free, open-source offering, marking a significant shift in software supply chain security accessibility. The Docker Hardened Images (DHI), previously a commercial product, are now available under an Apache 2.0 license to all 26 million developers in the container ecosystem. The hardened images address the escalating…
-
Docker makes hardened images free open and transparent for everyone
Docker has made its open source Docker Hardened Images project available at no cost for every developer and organization. The catalog contains more than 1,000 container images … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/22/free-open-docker-hardened-images/
-
Docker Hardened Images now open source and available for free
More than a 1,000 Docker Hardened Images (DHI) are now freely available and open source for software builders, under the Apache 2.0 license. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/docker-hardened-images-now-open-source-and-available-for-free/
-
Docker Fixes ‘Ask Gordon’ AI Flaw That Enabled Metadata-Based Attacks
Pillar Security has identified a critical indirect prompt injection vulnerability in Docker’s ‘Ask Gordon’ assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how the “lethal trifecta” enabled this attack and why updating to Docker Desktop 4.50.0 is essential for developer security. First seen…
-
PCPcat Malware Leverages React2Shell Vulnerability to Breach 59,000+ Servers
Tags: attack, breach, control, cve, cyber, docker, exploit, group, infrastructure, malware, monitoring, vulnerabilityA sophisticated attack campaign attributed to a group identifying as >>PCP
-
Brisantes Datenleck auf Docker Hub: Über 10.000 Docker-Images leaken Zugangsdaten
Auf Docker Hub wurden allein im November Tausende Images mit Keys, Tokens und anderen Anmeldedaten hochgeladen – ein Großteil mit KI-Bezug. First seen on golem.de Jump to article: www.golem.de/news/docker-hub-zugangsdaten-in-ueber-10-000-docker-images-entdeckt-2512-203160.html
-
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit, and 20 More Stories
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life…
-
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit, and 20 More Stories
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life…
-
Docker Hub: Zugangsdaten in über 10.000 Docker-Images entdeckt
Auf Docker Hub wurden allein im November Tausende Images mit Keys, Tokens oder anderen Anmeldedaten hochgeladen – ein Großteil mit KI-Bezug. First seen on golem.de Jump to article: www.golem.de/news/docker-hub-zugangsdaten-in-ueber-10-000-docker-images-entdeckt-2512-203160.html
-
10K Docker images spray live cloud creds across the internet
Flare warns devs are unwittingly publishing production-level secrets First seen on theregister.com Jump to article: www.theregister.com/2025/12/11/docker_hub_secrets_leak/
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Dangerous runC Flaws Could Allow Hackers to Escape Docker Containers
New runC vulnerabilities allow potential container escapes and host takeover, putting Docker, Kubernetes, and cloud-native environments at risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/runc-vulnerability-container-risk/
-
Researchers Uncover Critical runC Bugs Allowing Full Container Escape
Security researchers have revealed three serious vulnerabilities in runC, the Open Container Initiative (OCI)-compliant runtime that powers platforms such as Docker and Kubernetes, which could allow attackers to break container isolation and gain control of the host system. The flaws, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, stem from weaknesses in how runC manages temporary bind…
-
Researchers Uncover Critical runC Bugs Allowing Full Container Escape
Security researchers have revealed three serious vulnerabilities in runC, the Open Container Initiative (OCI)-compliant runtime that powers platforms such as Docker and Kubernetes, which could allow attackers to break container isolation and gain control of the host system. The flaws, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, stem from weaknesses in how runC manages temporary bind…
-
Runtime bugs break container walls, enabling root on Docker hosts
Console and Write-Gadget Lurkers: CVE-2025-52565 & CVE-2025-52881: The second vulnerability, tracked as CVE-2025-52565, targets “/dev/console” bind-mount handling. An attacker can replace the target path with a symlink, which will cause runc to bind-mount the wrong target, allowing the attacker to gain write access to procfs paths.”As with CVE-2025-31133, this happens after pivot_root(2) and so cannot…
-
Runtime bugs break container walls, enabling root on Docker hosts
Console and Write-Gadget Lurkers: CVE-2025-52565 & CVE-2025-52881: The second vulnerability, tracked as CVE-2025-52565, targets “/dev/console” bind-mount handling. An attacker can replace the target path with a symlink, which will cause runc to bind-mount the wrong target, allowing the attacker to gain write access to procfs paths.”As with CVE-2025-31133, this happens after pivot_root(2) and so cannot…
-
Runtime bugs break container walls, enabling root on Docker hosts
Console and Write-Gadget Lurkers: CVE-2025-52565 & CVE-2025-52881: The second vulnerability, tracked as CVE-2025-52565, targets “/dev/console” bind-mount handling. An attacker can replace the target path with a symlink, which will cause runc to bind-mount the wrong target, allowing the attacker to gain write access to procfs paths.”As with CVE-2025-31133, this happens after pivot_root(2) and so cannot…
-
Sicherheitslücken in RunC: Angreifer können aus Docker-Containern ausbrechen
Administratoren sollten aufpassen, welche Docker-Images sie nutzen. Angreifer können sich Root-Zugriff auf das Hostsystem verschaffen. First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecken-in-runc-angreifer-koennen-aus-docker-containern-ausbrechen-2511-202019.html
-
Hackers Abuse runc Tool to Escape Containers and Compromise Hosts
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, were revealed by a SUSE researcher on November 5, 2025. CVE ID Affected Versions Fixed…
-
Hackers Abuse runc Tool to Escape Containers and Compromise Hosts
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, were revealed by a SUSE researcher on November 5, 2025. CVE ID Affected Versions Fixed…
-
Hackers Abuse runc Tool to Escape Containers and Compromise Hosts
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, were revealed by a SUSE researcher on November 5, 2025. CVE ID Affected Versions Fixed…
-
Dangerous runC flaws could allow hackers to escape Docker containers
Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dangerous-runc-flaws-could-allow-hackers-to-escape-docker-containers/