The Hacker News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.
Dark Reading

Docker Leaks API Secrets & Private Keys, as Cybercriminals Pounce

Container images shared on Docker Hub are leaking sensitive data in the cloud, to the tune of tens of thousands of secrets. And attackers are scooping these up to be used to compromise a wide range of ...
TechRadar

Docker API targeted by cryptojacking campaign looking to build mega botnet

Hackers have been spotted using the Docker Engine API to target various containers with cryptojackers and other malware. Cybersecurity researchers at Datadog, who recently observed one such campaign ...
TechRadar

Docker API servers being hit to spread cryptomining malware

Hackers are targeting vulnerable Docker remote API servers, and using them to mine cryptocurrencies on the underlying hardware, experts have warned. Cybersecurity researchers from Trend Micro stated ...
Threat Post

Attack Uses Docker Containers To Hide, Persist, Plant Malware

Abuse of the Docker API allows remote code execution on targeted system, which enables hackers to escalate and persists thanks to novel attacks called Host Rebinding Attack and Shadow Containers. LAS ...
Infosecurity-magazine.com

Python Malware Poses DDoS Threat Via Docker API Misconfiguration

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...
Infosecurity-magazine.com

Docker Users Targeted with Crypto Malware Via Exposed APIs

Hackers are attempting to compromise Docker servers en masse via exposed APIs in order to spread cryptocurrency mining malware, according to researchers. Aqua Security claimed to have tracked the ...