Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. A critical ...

Microsoft this week disclosed a serious container-escape vulnerability in its widely used Azure Service Fabric technology, which gives attackers a way to gain root privileges on the host node and take ...

A chain of exploits could allow a malicious Azure user to infiltrate other customers’ cloud instances within Microsoft’s container-as-a-service offering. A critical security vulnerability allowing ...

This newly discovered malware is the first to take advantage of an obscure Windows container escape technique to seek out and infect Kubernetes clusters. Malware attacks against cloud containers are ...

Three runC flaws could allow container escape and host access with admin privileges Bugs affect Docker/Kubernetes setups using custom mounts and older runC versions Mitigation includes user namespaces ...

Amazon Web Services (AWS) has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability (CVE-2021-44228) affecting cloud or on-premise environments ...

Microsoft has revealed that it has fixed a bug in its Azure Container Instances (ACI) service that may have allowed a user to access other customers' information in the ACI. ACI lets customers run ...

A newly identified malware, dubbed Siloscape by the threat researcher who first spotted it, appears to be the first-recorded malware to target Windows containers, and presents a potential risk to ...