Bleeping Computer

Hackers hide behind Tor in exposed Docker API breaches

A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could lay the foundation for a complex botnet. The activity was first reported in ...
CSOonline

Docker re-fixes a critical authorization bypass vulnerability

Open source containerization platform Docker has urged users to patch a critical vulnerability affecting certain versions of the Docker Engine that allows privilege escalation using specially crafted ...
CSOonline

Old Docker authorization bypass pops up despite previous patch

A 10-year-old issue involving Docker Engine and the AuthZ authorization plug-in lives again to enable attackers to gain root-level access to host systems. Researchers warn about a new vulnerability ...