The Hacker News

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Docker patched a critical Ask Gordon AI flaw enabling code execution and data theft via malicious image metadata in version 4 ...
Dark Reading

Malicious or Vulnerable Docker Images Widespread, Firm Says

More than half of the latest images available on Docker Hub have critical vulnerabilities from outdated software, while thousands of images are attack tools or other potentially dangerous software, ...
SiliconANGLE

Docker makes its entire catalog of security-hardened container images free for everyone

Software containerization company Docker Inc. said today it’s going to transform application security by enabling developers to standardize on security-hardened, enterprise-grade container images that ...
Infosecurity Magazine

DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

The issue, dubbed DockerDash by Noma Labs, exposes weaknesses across the full AI execution chain, from model interpretation ...
Bleeping Computer

Docker-OSX image used for security research hit by Apple DMCA takedown

404 errors seen by Docker-OSX users Source: Sick.Codes After posting about the removal on X, Docker confirmed it with Sick.Codes that the image was removed after they received a DMCA takedown request ...
TechRadar

Docker could still be hosting a whole load of potentially malicious images - putting users at risk

XZ-Utils backdoor was found over a year ago Despite warnings, some Linux images still contain it Debian won't budge as the images are "historical artifacts" At least 35 Linux images hosted on Docker ...
ZDNet

Snyk to automatically check Docker Official Images for security problems

I love containers. You love containers. We all love containers. But our love for them blinds to us to the fact that we often don't really know what's running within them. In 2019, Snyk, an open-source ...