Dark Reading

Docker Leaks API Secrets & Private Keys, as Cybercriminals Pounce

Container images shared on Docker Hub are leaking sensitive data in the cloud, to the tune of tens of thousands of secrets. And attackers are scooping these up to be used to compromise a wide range of ...
CSOonline

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet ...
Hosted on MSN

You should probably fix this 5-year-old critical Docker vuln fairly sharpish

Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been sticking around for five years.… Now tracked as CVE-2024-41110, the ...
TechRadar

Docker API servers being hit to spread cryptomining malware

Hackers are targeting vulnerable Docker remote API servers, and using them to mine cryptocurrencies on the underlying hardware, experts have warned. Cybersecurity researchers from Trend Micro stated ...
CSOonline

Docker re-fixes a critical authorization bypass vulnerability

Open source containerization platform Docker has urged users to patch a critical vulnerability affecting certain versions of the Docker Engine that allows privilege escalation using specially crafted ...
Threat Post

Misconfigured Docker Servers Under Attack by Xanthe Malware

The never-before-seen Xanthe cryptomining botnet has been targeting misconfigured Docker APIs. Researchers have discovered a Monero cryptomining botnet they call Xanthe, which has been exploiting ...
Make Tech Easier

How Cleaning Up My Docker Habits Made Me More Productive

Learn common Docker mistakes, from bloated images to security risks, and how to fix them for safer, faster containers.