Dark Reading

Docker Leaks API Secrets & Private Keys, as Cybercriminals Pounce

Container images shared on Docker Hub are leaking sensitive data in the cloud, to the tune of tens of thousands of secrets. And attackers are scooping these up to be used to compromise a wide range of ...
CSOonline

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet ...
TechRadar

Docker APIs under attack once again

Cybercriminals have launched attacks against Docker APIs in the past but now they're building and running malicious container images on the host according to a new report from Aqua's Nautilus Team. In ...
Hosted on MSN

You should probably fix this 5-year-old critical Docker vuln fairly sharpish

Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been sticking around for five years.… Now tracked as CVE-2024-41110, the ...
TechRadar

Docker API servers being hit to spread cryptomining malware

Hackers are targeting vulnerable Docker remote API servers, and using them to mine cryptocurrencies on the underlying hardware, experts have warned. Cybersecurity researchers from Trend Micro stated ...
SC Media

Novel malware campaign sets sights on misconfigured Docker APIs

Cryptocurrency mining malware and other malicious payloads have been deployed against misconfigured Docker API servers as part of a novel malware campaign, similar to the Spinning YARN campaign used ...
SiliconANGLE

Unpatched Docker hosts attacked in cryptojacking campaign

Hackers have successfully attacked hundreds of unpatched Docker hosts to run cryptomining scripts, according to a new report released Monday by security firm Imperva Inc. The new wave of attacks on ...