Dark Reading

Malicious or Vulnerable Docker Images Widespread, Firm Says

More than half of the latest images available on Docker Hub have critical vulnerabilities from outdated software, while thousands of images are attack tools or other potentially dangerous software, ...
Bleeping Computer

Docker-OSX image used for security research hit by Apple DMCA takedown

Meanwhile, Docker-OSX remains available on GitHub at the time of writing, but the repository there only contains the project's code, not the installer binaries, so Sick.Codes does not expect a DMCA ...
SiliconANGLE

Docker makes its entire catalog of security-hardened container images free for everyone

Software containerization company Docker Inc. said today it’s going to transform application security by enabling developers to standardize on security-hardened, enterprise-grade container images that ...
AppleInsider

Docker Desktop for macOS vulnerability allows malicious images to be installed

Docker Desktop for macOS, the management tool for the app container system, has an authorization vulnerability that can be used for malicious purposes. A security flaw has been discovered in Docker ...
Dark Reading

Whispers of XZ Utils Backdoor Live on in Old Docker Images

The infamous XZ Utils backdoor discovered last year may have a bit of life in it yet. Binarly on Aug. 12 published research concerning the XY Utils backdoor, a notorious incident in which a developer ...
TechRadar

Docker could still be hosting a whole load of potentially malicious images - putting users at risk

XZ-Utils backdoor was found over a year ago Despite warnings, some Linux images still contain it Debian won't budge as the images are "historical artifacts" At least 35 Linux images hosted on Docker ...