VulnHub

Real-time Cybersecurity News

Docker fixes AuthZ bypass bug that created containers with excessive privileges

SCM feed for Latest
Vulnerability

Overview

Docker has addressed a significant vulnerability that allowed attackers to bypass authorization controls and create containers with excessive privileges. This issue arose from a crafted HTTP request that could make restricted containers invisible to authentication and authorization plugins. As a result, unauthorized users could gain elevated access, potentially allowing them to execute harmful actions within the system. This vulnerability affects users of Docker's containerization platform, and it is crucial for organizations to apply the latest patches to safeguard their environments. Docker has released updates to fix this flaw, emphasizing the importance of maintaining security best practices in container management.

Key Takeaways

  • Affected Systems: Docker containers with authorization plugins
  • Action Required: Users should update to the latest version of Docker to patch the vulnerability.
  • Timeline: Newly disclosed

Original Article Summary

A crafted HTTP request can make restricted containers invisible to AuthZ plugins.

Impact

Docker containers with authorization plugins

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Newly disclosed

Remediation

Users should update to the latest version of Docker to patch the vulnerability.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Vulnerability.

Read Original Article

Related Coverage

AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties

darkreading

HackerOne has decided to pause its bug bounty programs due to challenges in the remediation process for open-source vulnerabilities. Traditionally, finding bugs was the main hurdle, but with the rise of automated discovery tools, fixing these bugs has become the bigger issue. Bug bounties, which reward researchers for identifying security flaws, do not currently cover the costs associated with remediation. This decision could impact the security of various open-source projects, as it may discourage researchers from reporting vulnerabilities if there is no support for fixing them. The situation raises concerns about how effectively vulnerabilities can be addressed in an increasingly automated environment.

Apr 8, 2026

New macOS stealer campaign uses Script Editor in ClickFix attack

BleepingComputer

A new campaign is targeting macOS users with the Atomic Stealer malware, using the Script Editor to execute commands in a method similar to a previous ClickFix attack. This tactic tricks users into running malicious scripts, which can lead to sensitive data being stolen. The attack primarily affects macOS computers, putting users’ personal information at risk. Security researchers are urging users to be cautious about running scripts from untrusted sources, as this method can bypass some security measures. Awareness and vigilance are key, as these types of attacks can lead to significant data breaches if not addressed promptly.

Apr 8, 2026

CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday

BleepingComputer

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive for U.S. government agencies to patch a serious vulnerability in Ivanti Endpoint Manager Mobile (EPMM). This flaw has been exploited in attacks since January, making it a significant risk for federal systems. Agencies have only until Sunday to address this issue, underscoring the urgency to protect sensitive data from potential breaches. The vulnerability affects the Ivanti EPMM software, which is widely used for managing mobile devices. Failure to patch could leave these systems open to further exploitation by attackers, which could have serious implications for national security.

Apr 8, 2026

Hack-for-hire spyware campaign targets journalists in Middle East, North Africa

CyberScoop

A research collaboration between Access Now, Lookout, and SMEX has uncovered a troubling spyware campaign targeting journalists in the Middle East and North Africa. The campaign is believed to be linked to a group called Bitter, which is suspected of having connections to the Indian government. The spyware, identified as ProSpy, poses a significant risk to the privacy and safety of journalists in the region, as it can be used to monitor their communications and activities. This incident raises serious concerns about the increasing use of hack-for-hire services to silence critical voices and undermine press freedom. The implications of this spyware campaign extend beyond individual journalists, potentially affecting the broader landscape of media and freedom of expression in these areas.

Apr 8, 2026

ComfyUI instances hijacked for cryptomining and proxy botnet

SCM feed for Latest

Threat actors are actively targeting vulnerable ComfyUI deployments using a custom Python scanner to hijack instances for cryptomining and to create a proxy botnet. This malicious activity involves scanning cloud IP ranges to find systems that haven't been secured. Once compromised, these systems can be exploited for unauthorized cryptomining, which can lead to significant financial losses for the affected users and businesses. The ease of access for attackers highlights a concerning gap in cloud security practices. Organizations using ComfyUI should ensure their deployments are properly configured and secured to prevent these types of attacks.

Apr 8, 2026

Fraud Rockets Higher in Mobile-First Latin America

darkreading

Cyber fraud is escalating in Latin America, particularly among mobile users. Attackers are quickly taking control of compromised devices, leading to account takeovers and unauthorized fund transfers. This rapid sequence of events often occurs faster than many financial institutions can respond, leaving victims vulnerable to significant financial losses. The trend is concerning as it highlights the growing sophistication of cyber fraud in a region that is increasingly reliant on mobile technology for banking and transactions. Users and financial institutions must remain vigilant and adopt stronger security measures to protect against these threats.

Apr 8, 2026