Docker patched CVE-2025-9074 (CVSS 9.3), a flaw enabling container escape via unauthenticated API, risking host takeover.

Missing authentication on the Docker Engine management API for Docker Desktop on Windows and Mac allows attackers to break ...

Podman was designed as a near drop-in replacement for Docker. Commands like podman run, podman ps, and podman build mirror ...

A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become ...

"A malicious container running on Docker Desktop could access the Docker Engine and launch additional containers without ...

Abuse of the Docker API allows remote code execution on targeted system, which enables hackers to escalate and persists thanks to novel attacks called Host Rebinding Attack and Shadow Containers.

Docker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to bypass authorization plugins (AuthZ) under ...

Image: Docker, ZDNet A hacking group is currently mass-scanning the internet looking for Docker platforms that have API endpoints exposed online. The purpose of these scans is to allow the hacker ...

Hackers are targeting vulnerable Docker remote API servers, and using them to mine cryptocurrencies on the underlying hardware, experts have warned. Cybersecurity researchers from Trend Micro ...

The hackers abused the Docker API to deploy new servers inside a company's cloud infrastructure. The servers, running a version of Alpine Linux, were then infected with crypto-mining malware, but ...