Please turn on your JavaScript for this page to function normally.
Containers
Containers are just processes: The illusion of namespace security

In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and …

Kubernetes
Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover

Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over …

Kata Containers
Kata Containers: Open-source container runtime, building lightweight VMs

Kata Containers is an open-source project dedicated to creating a secure container runtime that combines the performance and simplicity of containers with the enhanced …

Containers
Containers have 600+ vulnerabilities on average

Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise. Companies are struggling to get container …

QScanner
QScanner: Linux command-line utility for scanning container images, conducting SCA

QScanner is a Linux command-line utility tailored for scanning container images and performing Software Composition Analysis (SCA). It is compatible with diverse container …

Am I Isolated
Am I Isolated: Open-source container security benchmark

Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime …

Emily Long
How isolation technologies are shaping the future of Kubernetes security

In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies. Long …

Paolo Mainardi
Strengthening Kubernetes security posture with these essential steps

In this Help Net Security interview, Paolo Mainardi, CTO at SparkFabrik, discusses comprehensive strategies to secure Kubernetes environments from development through …

DockerSpy
DockerSpy: Search for images on Docker Hub, extract sensitive information

DockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data. “DockerSpy was …

Docker fixes critical auth bypass flaw, again (CVE-2024-41110)

A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, …

Portainer
Portainer: Open-source Docker and Kubernetes management

Portainer Community Edition is an open-source, lightweight service delivery platform for containerized applications. It enables the management of Docker, Swarm, Kubernetes, …

Curl
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools