The Hacker News

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Docker patched a critical Ask Gordon AI flaw enabling code execution and data theft via malicious image metadata in version 4 ...
Dark Reading

Malicious or Vulnerable Docker Images Widespread, Firm Says

More than half of the latest images available on Docker Hub have critical vulnerabilities from outdated software, while thousands of images are attack tools or other potentially dangerous software, ...
SiliconANGLE

Docker makes its entire catalog of security-hardened container images free for everyone

Software containerization company Docker Inc. said today it’s going to transform application security by enabling developers to standardize on security-hardened, enterprise-grade container images that ...
Infosecurity Magazine

DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

The issue, dubbed DockerDash by Noma Labs, exposes weaknesses across the full AI execution chain, from model interpretation ...
Bleeping Computer

Docker-OSX image used for security research hit by Apple DMCA takedown

404 errors seen by Docker-OSX users Source: Sick.Codes After posting about the removal on X, Docker confirmed it with Sick.Codes that the image was removed after they received a DMCA takedown request ...
Dark Reading

Whispers of XZ Utils Backdoor Live on in Old Docker Images

The infamous XZ Utils backdoor discovered last year may have a bit of life in it yet. Binarly on Aug. 12 published research concerning the XY Utils backdoor, a notorious incident in which a developer ...
ZDNet

Snyk to automatically check Docker Official Images for security problems

I love containers. You love containers. We all love containers. But our love for them blinds to us to the fact that we often don't really know what's running within them. In 2019, Snyk, an open-source ...