The critical vulnerability exists in the contextual trust in MCP Gateway architecture, as instructions are passed without validation.
The post DockerDash Flaw in Docker AI Assistant Leads to RCE, Data Theft appeared first on SecurityWeek.
Docker Makes 1,000 Hardened Images Free and Open Source
Millions of developers can now use the secure, production-ready images made by Docker.
The post Docker Makes 1,000 Hardened Images Free and Open Source appeared first on SecurityWeek.
Exposed Docker APIs Likely Exploited to Build Botnet
Hackers mount the host’s file system into fresh containers, fetch malicious scripts over the Tor network, and block access to the Docker API.
The post Exposed Docker APIs Likely Exploited to Build Botnet appeared first on SecurityWeek.
Docker Desktop Vulnerability Leads to Host Compromise
A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become administrators.
The post Docker Desktop Vulnerability Leads to Host Compromise appeared first on SecurityWeek.
Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018
The vulnerability, tagged as CVE-2024-41110 with a CVSS severity score of 10/10, was originally found and fixed in 2018.
The post Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018 appeared first on SecurityWeek.
‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others
Snyk discloses information on Leaky Vessels, several potentially serious container escape vulnerabilities affecting Docker and others.
The post ‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others appeared first on SecurityWeek.
MySQL Servers, Docker Hosts Infected With DDoS Malware
Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks.
The post MySQL Servers, Docker Hosts Infected With DDoS Malware appeared first on SecurityWeek.
