Skip to main content

Tag: container security

7 articles

Brightly-lit server in a data center with a network operations setting.

Hackers exploit auth bypass in Gitea Docker image

Hackers are actively exploiting a critical flaw in the Gitea Docker image, using a single header to bypass authentication and gain access - and security teams are only just catching on. In fact, researchers detected the first real-world hit just 13 days after the vulnerability was disclosed.

Analyst 207
Laptop and smartphone sit on a minimalist desk in soft daylight.

OpenClaw Flaws Expose Hosts to Code Execution via WhatsApp

Three newly patched flaws in the OpenClaw personal AI assistant could let hackers execute code on your device via WhatsApp, putting sensitive data like SSH keys, AWS credentials, and GPG secrets at risk. This alarming vulnerability was addressed in OpenClaw version 2026.6.6.

Analyst 207
Security researcher examines laptop amidst servers with Gitea Docker setup.

Threat Actors Probe Gitea Docker Flaw Just 13 Days After Patch

Security researchers have spotted threat actors probing a critical Gitea Docker flaw just 13 days after it was patched, highlighting the urgent need for users to update their systems. This highly vulnerable flaw, scoring 9.8, allows attackers to exploit a default setting that trusts user headers from any source IP address.

Analyst 207
Exposed server in a data center with rows of computer racks.

Unpatched Argo CD Flaw Exposes Kubernetes Clusters to Takeover

A critical flaw in Argo CD's repo-server component has been left unpatched for 18 months, leaving Kubernetes clusters vulnerable to takeover by allowing unauthenticated access to sensitive functions. This gaping security hole enables attackers to execute malicious scripts and gain control of your cluster.

Analyst 207
Software development workstation with Docker interface on laptop and monitor, surrounded by tools and notes.

Docker Images Expose Hidden Vulnerabilities

Docker containers are a top target for attackers, with a recent analysis of 100 popular Docker Hub images revealing that 64 contained critical flaws due to outdated software versions. Only one in ten images was fully up to date, leaving a vast majority vulnerable to predictable and dangerous exposures.

Analyst 207
Blurred container image on a pallet with a laptop showing a container registry in the background.

Gitea Flaw Exposes Private Container Images to Unauthenticated Attacks

A newly disclosed vulnerability in Gitea, tracked as CVE-2026-27771, allows unauthenticated attackers to access private container images, potentially exposing tens of thousands of deployments worldwide. This flaw lets anyone on the internet pull private images without needing an account, password, or credentials.

Analyst 207
Docker Hub repository page on a developer's workstation screen shows a manipulated image warning.

Checkmarx KICS Tool Compromised in Supply-Chain Breach

A critical vulnerability was discovered in the Checkmarx KICS tool due to a supply-chain breach, where a malicious Docker image was briefly hosted on DockerHub, exposing users to potential security risks between April 22, 2026, 14:17:59 UTC and 15:41:31 UTC. The breach was quickly identified and rectified, with affected tags restored and malicious images removed.

Analyst 207