News

The Hacker News5d

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

Docker patched CVE-2025-9074 (CVSS 9.3), a flaw enabling container escape via unauthenticated API, risking host takeover.

Critical Docker Desktop flaw lets attackers hijack Windows hosts

A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious ...

Docker Desktop bug let containers hop the fence with barely a nudge

"A malicious container running on Docker Desktop could access the Docker Engine and launch additional containers without ...
SecurityWeek5d

Docker Desktop Vulnerability Leads to Host Compromise

A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become ...
CSO Online4d

Critical Docker Desktop flaw allows container escape

Missing authentication on the Docker Engine management API for Docker Desktop on Windows and Mac allows attackers to break ...

A critical Docker Desktop security flaw puts Windows hosts at risk of attack, so patch now

Researchers find 9.3/10 flaw in Docker Desktop for Windows and macOS The bug allows threat actors to compromise underlying hosts and tamper with data A fix was quickly released, so users should patch ...
Make Tech Easier3d

Docker Desktop vs Docker Engine: What’s the Difference?

Learn the key differences between Docker Desktop and Docker Engine to optimize containerization, DevOps workflows, and development setups.
Infosecurity-magazine.com1y

Python Malware Poses DDoS Threat Via Docker API Misconfiguration

Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious ...