Endor Labs Acquires Autonomous Plane, Expanding AI-Native Application Security with Full-Stack Reachability From Code to Container

Endor Labs, the leader in AI-native application security, today announced the acquisition of Autonomous Plane, a cloud-native application security company founded by Kyle Quest, creator of DockerSlim.
Que.com on MSN

Docker patches critical 'Ask Gordon AI' flaw enabling code execution

Docker has released security fixes for a critical vulnerability affecting its AI-assisted feature known as Ask Gordon. The ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Redmond Magazine

Microsoft Issues Azure Container Service Engine as Open Source Code

Microsoft today released the source code for its Azure Container Service (ACS) Engine as open source code, and also added support for Kubernetes 1.4 and DC/OS 1.8.4. The ACS Engine is now an open ...
heise online

Malicious code loophole in Nvidia Container Toolkit closed

Among other things, a critical vulnerability makes Nvidia Container Toolkit and GPU Operator under Linux vulnerable to attacks. Security patches are available. Attackers should be able to exploit the ...
ZDNet

Doomsday Docker security hole uncovered

One of the great security fears about containers is that an attacker could infect a container with a malicious program, which could escape and attack the host system. Well, we now have a security hole ...
Threat Post

RSAC 2019: Container Escape Hack Targets Vulnerable Linux Kernel

A proof-of-concept hack allows adversaries to tweak old exploits, have code jump containers and attack underlying infrastructure. Researchers at CyberArk have created a proof-of-concept attack that ...