containers
DockSec: Open-source AI-powered Docker security scanner
DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the …
Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The flaw is …
Fedora Hummingbird brings the container security model to a Linux host OS
Container image security pipelines have spent the past several years pushing toward minimal footprints, hermetic builds, and continuous CVE remediation. The Fedora Project is …
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed …
NVIDIA puts GPU orchestration in community hands
GPU-accelerated AI workloads now run on Kubernetes in the large majority of enterprise environments. Managing those workloads at scale has required specialized tooling that, …
StackRox: Open-source Kubernetes security platform
Security teams spend a lot of time stitching together checks across container images, running workloads, and deployment pipelines. The work often happens under time pressure, …
Docker makes hardened images free open and transparent for everyone
Docker has made its open source Docker Hardened Images project available at no cost for every developer and organization. The catalog contains more than 1,000 container images …
Behind the code: How developers work in 2025
How are developers working in 2025? Docker surveyed over 4,500 people to find out, and the answers are a mix of progress and ongoing pain points. AI is gaining ground but …
Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security
As applications become more distributed, traditional monitoring and security tools are failing to keep pace. This article explores how eBPF, when utilized by the graduated …
Containers are just processes: The illusion of namespace security
In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and …
Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover
Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over …
Kata Containers: Open-source container runtime, building lightweight VMs
Kata Containers is an open-source project dedicated to creating a secure container runtime that combines the performance and simplicity of containers with the enhanced …
Featured news
Resources
Don't miss
- Reachability makes AI threat modeling worth the trust
- EU Cybersecurity Act 2.0: When good regulation goes bad
- The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy
- China-linked spies backdoored authentication stack to stay hidden for years
- AI vulnerability discovery is pushing 2026 CVEs toward 66,000