- June 26, 2019Kubernetes announced the discovery of CVE-2019-11246, a high-severity vulnerability affecting the command-line interface kubectl, during an ongoing third-party security audit.
- May 23, 2019Roughly 19% of the top 1,000 most popular containers on the Docker Hub portal are misconfigured, leaving them vulnerable to attacks given specific conditions.
- May 14, 2019The rise in adoption of containers means a greater need for security awareness. Our infographic details the various threats that container users could encounter at each stage of the development pipeline.
- May 10, 2019Threat actors were found exploiting CVE-2018-1000861, a vulnerability in the Stapler web framework that is used by the Apache Jenkins open-source software development automation server with versions 2.153 and earlier.
- April 30, 2019In an email sent to their customers on April 26, Docker reported that the online repository of their popular container platform suffered a data breach that affected 190,000 users.
- April 04, 2019A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.
- March 19, 2019Cybercriminals are targeting cloud infrastructure via compromised container management platforms, malicious Docker images, API key theft, and control panel exploitation.
- March 12, 2019Popular open-source DevOps automation software StackStorm was reported to have a critical vulnerability that could allow remote attackers to perform arbitrary commands on targeted servers.
- February 28, 2019CVE-2019-5736 is a vulnerability involving the runC runtime component, which is used for container platforms such as Docker and container orchestration platforms such as Kubernetes.