News

Infosecurity-magazine.com1y
Python Malware Poses DDoS Threat Via Docker API Misconfiguration
In this campaign, attackers exploit misconfigurations to deploy a malicious Docker container with Python malware compiled as an ELF ... a previously targeted entry point, has gained popularity for ...
InfoQ1d
Docker Launches Hardened Base Images
Docker has launched its Docker Hardened Images (DHI), a security-focused range of base images that reduce vulnerabilities by up to 95%. Built using a distroless approach, these minimal images ...
ZDNet3y
LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave
In a case observed by the team, an exposed API was abused to run a custom Docker ENTRYPOINT instruction and download "core.png," an image file disguised as a Bash script. The file was downloaded ...
CSOonline11mon
Python GitHub token leak shows binary files can burn developers too
Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub.
ZDNet5y
Microsoft: Try VS Code's new Python, C++ programming language tutorials, Docker updates
there's a new tutorial that shows how to build a Python application in a Docker container using VS Code and Microsoft's VS Code Docker extension, which has also been updated and has now reached ...
Infosecurity-magazine.com3y
Crypto-Mining Botnet Goes After Misconfigured Docker APIs
“It runs a malicious container on an exposed Docker API by using a custom Docker Entrypoint to download a ‘core.png’ image file that is disguised as Bash script,” it said in a blog post yesterday.