container security Archives • Daily CyberSecurity

Rancher Flaw Allows Malicious Plugins to Hijack Kubernetes Clusters Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher Flaw Allows Malicious Plugins to Hijack Kubernetes Clusters

Ddos May 5, 2026

The SUSE Rancher Security team has issued an urgent advisory regarding a high-severity vulnerability in Rancher, the...

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure ingress-nginx Vulnerability CVE-2026-3288

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure

Ddos March 10, 2026

A critical security vulnerability has been identified in ingress-nginx, the widely used Ingress controller for Kubernetes. Tracked...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-62878: Critical 10.0 Vulnerability Found in Kubernetes Local Path Provisioner

Ddos February 9, 2026

A maximum-severity vulnerability has been uncovered in a core Kubernetes storage component, leaving nodes wide open to...

Silent Leak: High-Severity Rancher CLI Flaw Exposes Admin Credentials CVE-2024-52281 Rancher CLI Vulnerability CVE-2025-67601

Silent Leak: High-Severity Rancher CLI Flaw Exposes Admin Credentials

Ddos February 4, 2026

For DevOps teams managing Kubernetes clusters at scale, the Rancher CLI is a vital tool. But a...

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets

Ddos February 3, 2026

For Kubernetes administrators, the Ingress-Nginx controller is the trusted gatekeeper, routing traffic from the wild internet to...

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers

Ddos January 14, 2026

A new, highly sophisticated malware framework has emerged from the shadows, specifically engineered to infest the modern...

OCI Fixes Container Escape Vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) runc Container Escape, Mount Race Condition

OCI Fixes Container Escape Vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881)

Ddos November 7, 2025

The Open Container Initiative (OCI) has released security updates to address three high-severity vulnerabilities affecting its container...

Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables NeuVector Critical RCE, Command Injection

NeuVector Critical RCE, Command Injection

Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables

Ddos October 23, 2025

The SUSE Rancher Security team has issued a critical advisory addressing a command injection and buffer overflow...

Podman Patches Symlink Traversal Vulnerability in kube play Command (CVE-2025-9566) Podman, container vulnerability

Podman Patches Symlink Traversal Vulnerability in kube play Command (CVE-2025-9566)

Ddos September 8, 2025

The Podman project has issued a security advisory warning of a high-severity vulnerability in the container management...

CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover NeuVector, Kubernetes vulnerability CVE-2025-8077

NeuVector, Kubernetes vulnerability CVE-2025-8077

CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover

Ddos September 1, 2025

The SUSE Rancher Security Team has issued a critical security advisory for NeuVector, an open-source container security...

Critical Docker Desktop Vulnerability Exposes Host Systems to Container Abuse Docker Malware Campaign Docker Vulnerability CVE-2025-9074

Critical Docker Desktop Vulnerability Exposes Host Systems to Container Abuse

Ddos August 20, 2025

A critical vulnerability in Docker Desktop has been disclosed, tracked as CVE-2025-9074 with a CVSSv4 severity score...

Critical XZ Backdoor Still Lurks in Docker Images, Posing Supply Chain Risk XZ backdoor, Docker Hub MIFARE classic backdoor C++/CLI IIS Backdoor

Critical XZ Backdoor Still Lurks in Docker Images, Posing Supply Chain Risk

Ddos August 13, 2025

The backdoor vulnerability in XZ-Utils first came to light in March 2024, and had it not been...

EKS Security Alert: Overprivileged Containers Exposing AWS Credentials via Unencrypted API

Ddos June 23, 2025

In the complex world of cloud-native applications, Kubernetes and Amazon Elastic Kubernetes Service (EKS) have become the...

Linux Kernel Flaw (CVE-2023-0386) Actively Exploited for Root Privilege Escalation, PoC Available CVE-2023-0386 PoC Linux Privilege Escalation, OverlayFS

CVE-2023-0386 PoC Linux Privilege Escalation, OverlayFS

Linux Kernel Flaw (CVE-2023-0386) Actively Exploited for Root Privilege Escalation, PoC Available

Ddos June 18, 2025

A dangerous Linux privilege escalation vulnerability, CVE-2023-0386, has officially entered the CISA Known Exploited Vulnerabilities (KEV) Catalog...

Kaspersky Exposes Hidden Dangers: Are Your Containers Truly Secure? Container Security

Kaspersky Exposes Hidden Dangers: Are Your Containers Truly Secure?

Ddos June 5, 2025

As containers become the backbone of modern software deployment, many organizations still misjudge their isolation guarantees —...

Docker Containers Under Attack: New Self-Replicating Dero Cryptominer Dero cryptominer, Docker container hack

Docker Containers Under Attack: New Self-Replicating Dero Cryptominer

Ddos May 22, 2025

Kaspersky Labs has uncovered a disturbing new malware campaign that turns exposed Docker containers into self-replicating Dero...

CVE-2024-0132: Incomplete NVIDIA Toolkit Patch Enables Container Escape and DoS Attacks NVIDIA DGX Cloud restructuring, Dwight Diercks engineering shift NVIDIA Isaac Launchable, Hard-coded Credentials NVIDIA Merlin Deserialization, AI Pipeline RCE Triton DoS Flaws, AI Inference Server Security NVIDIA AI programming AI Chips China 800VDC Data Center, AI Power Architecture CVE-2024-0114 NVIDIA Container Toolkit vulnerability Container escape

NVIDIA DGX Cloud restructuring, Dwight Diercks engineering shift NVIDIA Isaac Launchable, Hard-coded Credentials NVIDIA Merlin Deserialization, AI Pipeline RCE Triton DoS Flaws, AI Inference Server Security NVIDIA AI programming AI Chips China 800VDC Data Center, AI Power Architecture CVE-2024-0114 NVIDIA Container Toolkit vulnerability Container escape

CVE-2024-0132: Incomplete NVIDIA Toolkit Patch Enables Container Escape and DoS Attacks

Ddos April 13, 2025

A recent report by Trend Research has uncovered that NVIDIA’s September 2024 security update for a critical...