TechRadar

Docker API targeted by cryptojacking campaign looking to build mega botnet

Hackers have been spotted using the Docker Engine API to target various containers with cryptojackers and other malware. Cybersecurity researchers at Datadog, who recently observed one such campaign ...
CSOonline

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet ...
CSOonline

Docker re-fixes a critical authorization bypass vulnerability

Open source containerization platform Docker has urged users to patch a critical vulnerability affecting certain versions of the Docker Engine that allows privilege escalation using specially crafted ...
TechRadar

Docker finally fixes a critical security flaw that could have allowed for account hijack

Five years ago, Docker fixed a critical-severity vulnerability in Docker Engine that allowed threat actors to bypass authorization plugins and escalate privileges on flawed instances. However, one of ...