Latest coverage for Containers

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and memory-fragment handling components including esp4, esp6, and rxrpc. The vulnerability enables reliable escalation from an unprivileged user to root and may be leveraged after initial compromise through SSH access, web shells, containers, or low-privileged accounts. Microsoft Defender is actively monitoring limited in-the-wild activity and provides detection coverage for exploitation attempts. The post Active attack: Dirty Frag Linux vulnerability expands post-compromise risk appeared first on Microsoft Security Blog.

The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open source artifacts across containers, libraries, agent skills, and GitHub Actions.

CrackArmor AppArmor flaws let local Linux users gain root, break containers and enable DoS attacks

BellSoft survey finds 48% prefer pre‑hardened images over managing vulnerabilities themselves Java developers still struggle to secure containers, with nearly half (48 percent) saying they'd rather delegate security to providers of hardened containers than worry about making their own container security decisions.…

Dutchman fails to convince judges his trial was unfair because cops read his encrypted chats A Dutch appeals court has kept a seven-year prison sentence in place for a man who hacked port IT systems with malware-stuffed USB sticks to help cocaine smugglers move containers, brushing off claims that police shouldn't have been reading his encrypted chats.…

Deal Represents Return to Tuck-In M&A for Palo After 3 Multi-Billion Dollar DealsPalo Alto Networks is in talks to buy Washington D.C-based endpoint security startup Koi for $400 million. Koi is focused on securing extensions, AI models, code packages and containers, and its differentiation lies in mapping, assessing risk and govern the software landscape at enterprise scale.

AI Adoption Putting Hypervisors in Attackers Sights, Says Google Cloud's Jamie CollierHypervisors and virtualized infrastructure are drawing more cyberattacks, a trend that reflects organizations' expanded use of cloud services, containers and artificial intelligence-driven systems, said Jamie Collier, lead threat intelligence advisor for the EMEA region at Google Cloud.

Secure-by-Design Startup Uses AI Agents to Safeguard Containers, VMs and LibrariesCloud security startup Echo has closed a $35 million Series A funding round to boost development of its AI-native OS. The platform starts with secure container images and aims to extend to VMs and libraries, helping enterprises minimize risk from open-source software.

A kitchen-sink approach to building containers has loaded many with vulnerabilities. A handful of companies are trying to slim them down to address the issue.

Learn all about AI-powered visibility, telemetry, and proactive security across mainframe, cloud, containers, and enterprise workloads.

Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. [...]

Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest

The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default for modern enterprises, accelerating delivery but also expanding the attack surface in ways traditional security models can’t keep up with

Just-in-Time, Database, Kubernetes Access Fuel Privileged Access Startup M&ABy acquiring startup Axiom Security, Okta aims to enhance privileged access by offering broader coverage of sensitive assets like Kubernetes containers and databases. The company says the move accelerates value delivery and complements Okta's existing privileged access capabilities.

Chainguard provides DevSecOps teams with a library of "secure-by-default" container images so that they don't have to worry about software supply chain vulnerabilities. The startup is expanding its focus to include Java and Linux, as well.

Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple's new containerization framework. [...]

The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram

The attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurrency miners.

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet

Startup Says It Cuts Software Vulnerability Volume, Helps Developers Avoid OverloadBacked by YL Ventures and Mayfield, Minimus says its new curated software containers reduce vulnerabilities by over 95%—freeing developers from excessive scanning and patching and reframing the traditional relationship between development and security teams.