Security news aggregator

Latest coverage for Docker

Explore the latest Docker security news, updates, and best practices to safeguard your containers and applications with our information security insights.

108 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Docker is a platform for building, distributing, and running applications as containers. An image packages application code and dependencies; Docker Engine starts it as an isolated process that shares the host’s operating-system kernel, rather than as a full virtual machine. The Docker API and image registries connect local or automated build and deployment workflows.

Security depends on both the daemon and the images it runs. Access to the Docker daemon or its socket can provide extensive control of the host, so the API should not be unnecessarily exposed and socket mounts should be tightly restricted. Privileged containers, excessive Linux capabilities, and broad host filesystem mounts weaken isolation. Image vulnerabilities or malicious dependencies can enter through the build and distribution chain; use trusted, minimal bases, pinned dependencies, vulnerability scanning, provenance controls, and regular rebuilds. Do not place secrets in image layers. Rootless mode and restrictive security profiles can reduce the consequences of a compromised container.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 108

Attackers are exploiting a critical Gitea flaw (CVE-2026-20896) that bypasses authentication with a single HTTP header, exposing repositories and sensitive data. Sysdig researchers warn that attackers are actively exploiting a critical authentication bypass flaw, tracked as CVE-2026-20896 (CVSS score of 9.8), which affects Gitea official Docker images before version 1.26.3. “CVE-2026-20896 exploited 13 days after […]

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud credentials, SSH keys, and tokens. This is

Bank Info Security 3 months, 1 week ago

Breach Roundup: German Police Expose REvil, GandCrab Boss

Also, Medusa Ransomware, Grafana Flaw, German Political Party BreachThis week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused GitHub, Grafana AI bugs enabled data theft, scams hit $20B in the United States, Ivanti exploited and attacks hit Northern Ireland schools and a German political party.

Bank Info Security 5 months, 1 week ago

Docker AI Bug Lets Image Metadata Trigger Attacks

AI Assistant Executes Hidden Commands Embedded in Docker Image LabelsA vulnerability in Docker's Ask Gordon AI assistant allows attackers to execute malicious commands by hiding them in the container application development platform's image metadata, said security researchers. Dubbed DockerDash, the vulnerability exploits a failure across Docker's AI execution chain.

Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built into Docker Desktop and the Docker Command-Line Interface (CLI), that could be exploited to execute code and exfiltrate sensitive data

It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re blending in, hijacking everyday tools, trusted apps, and even AI assistants. What used to feel like clear-cut “hacker stories” now looks more like a mirror of the systems we all use

Loading more headlines...