The Hacker News

Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

Docker patched a critical Ask Gordon AI flaw enabling code execution and data theft via malicious image metadata in version 4.50.0.
Dark Reading

Malicious or Vulnerable Docker Images Widespread, Firm Says

More than half of the latest images available on Docker Hub have critical vulnerabilities from outdated software, while thousands of images are attack tools or other potentially dangerous software, ...
SiliconANGLE

Docker makes its entire catalog of security-hardened container images free for everyone

Software containerization company Docker Inc. said today it’s going to transform application security by enabling developers to standardize on security-hardened, enterprise-grade container images that ...
Bleeping Computer

Docker-OSX image used for security research hit by Apple DMCA takedown

404 errors seen by Docker-OSX users Source: Sick.Codes After posting about the removal on X, Docker confirmed it with Sick.Codes that the image was removed after they received a DMCA takedown request ...
Dark Reading

Whispers of XZ Utils Backdoor Live on in Old Docker Images

The infamous XZ Utils backdoor discovered last year may have a bit of life in it yet. Binarly on Aug. 12 published research concerning the XY Utils backdoor, a notorious incident in which a developer ...
AppleInsider

Docker Desktop for macOS vulnerability allows malicious images to be installed

Docker Desktop for macOS, the management tool for the app container system, has an authorization vulnerability that can be used for malicious purposes. A security flaw has been discovered in Docker ...