Docker has made its enterprise-grade hardened container images freely available to the global developer community, marking a significant shift in how secure software supply chains are built and ...
The infamous XZ Utils backdoor discovered last year may have a bit of life in it yet. Binarly on Aug. 12 published research concerning the XZ Utils backdoor, a notorious incident in which a developer ...
Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. The security ...
Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub. A personal ...