Fears of a WannaCry-level global attack grow as working exploit info starts to go public.
Alpine Linux Docker images available via the Docker Hub contained a critical flaw allowing attackers to authenticate on systems using the root user and no password.
Github and Bitbucket tokens for Docker autobuilds are also impacted.
GitHub is offering unlimited rewards for critical vulnerabilities – and has added “safe harbor” terms to its bug bounty program.
The flaw affects thousands of servers; but GitHub, a major libssh user, is unaffected.
Researchers find proof-of-concept code that can take advantage of the recently identified Apache Struts framework (CVE-2018-11776) vulnerability.
Distributed Denial of Service attacks maybe one of the oldest tools in a hacker’s toolbox, but that doesn’t mean they haven’t fallen out of fashion.
Researchers said over a dozen malicious docker images available on Docker Hub allowed hackers to earn $90,000 in cryptojacking profits.
A serious vulnerability was patched by developers behind Git that closes the door on a flaw that could lead to arbitrary code execution on a developer’s system.
Researcher finds Microsoft’s January Patch Tuesday release included a fix for the Intel Meltdown bug, however the update opened up a new vulnerability.