A recently discovered flaw in Docker Engine let attackers bypass security checks by exploiting how request bodies are handled. The vulnerability, affecting versions before 29.3.1, put systems using AuthZ plugins at risk. Immediate patching is advised.
A critical security flaw in Docker was rapidly patched, preventing potential attacks on cloud infrastructure worldwide. This investigative feature unpacks the incident, its technical context, and the lessons for the digital age.
A critical flaw in Docker’s Ask Gordon AI let attackers weaponize image metadata for remote code execution and data theft, exposing urgent risks in the AI-powered software supply chain.
Docker’s decision to release hardened container images for free could reshape how organizations defend against escalating supply chain attacks—making top-tier security accessible beyond enterprise giants.
Docker has dismantled the paywall around its Hardened Images, making over 1,000 secure, production-ready container images freely available under an open-source license. This move could reshape the landscape of software supply-chain security.
Researchers exposed how Docker’s Ask Gordon AI could be hijacked via metadata poisoning to exfiltrate sensitive data—until a rapid patch put users back in control.
Docker has released more than 1,000 security-hardened container images for free, marking a major shift in supply chain security. Our feature investigates the move, industry context, and what it means for developers.