⚠️ CVE-2025-55182 (React2Shell) cho phép thực thi mã từ xa trên server React. Khi lỗ hổng được công bố, tin tặc nhanh chóng triển khai miner. Các công ty vá trong 24h an toàn; trì hoãn 72h bị tấn công. Hãy patch ngay khi CVE xuất hiện! #Security #InfoSec #CyberSecurity #AnNinhMạng #CVE #React #Docker
https://dev.to/aerabi/day-12-react2shell-cve-the-mines-4okb
"Ganze 42 Prozent der Images enthielten sogar fünf oder mehr Secrets, sodass mit ihnen in einem Rutsch Zugang zu ganzen Cloud-Umgebungen, Softwareverteilung und Datenbanken der Organisation möglich wurde. Den größten Anteil an den abgeflossenen Secrets hatten API-Keys zu KI-LLM-Modellen, alleine dafür kamen rund 4000 zusammen. Für die IT-Forscher ist das ein Hinweis, wie sehr die KI-Nutzung die Anpassung der Sicherheitskontrollen bereits überholt hat."
New release of dockcheck.sh - v0.7.5 !
This version brings the new option `-b N` - Enable image backups and sets number of days to keep from pruning.
Which allows for easy rollback if a new image breaks. The images will be auto removed after *N* days of age in future runs of dockcheck.
https://github.com/mag37/dockcheck
#dockcheck #containers #docker #selfhosting #homelab #automation
Is AI the New Insider Threat?
#Docker #Engineering #Products
https://www.docker.com/blog/ai-insider-threat-shadow-ai-risk-controls/
How to Add MCP Servers to ChatGPT with Docker MCP Toolkit
#Docker #Products #AIAgent #DockerMCPCatalog #MCPserver #MCPToolkit
https://www.docker.com/blog/add-mcp-server-to-chatgpt/
More than 10,000 Docker Hub Images Contain Secret Credentials
On Docker Hub, there are thousands of container images – and more than 10,000 of them actually contain secret credentials.
#Datenleck #Docker #IT #Security #news
6 Docker-фич для продвинутого использования. Часть 2
Привет Хабр! Снова . Docker уже давно стал стандартом, и базовые команды вроде docker run , docker build или docker compose up знакомы любому разработчику. Но экосистема и инструментарий контейнеризации гораздо глубже. В этом материале мы отойдём от банальных инструкций и разберём шесть продвинутых инструментов и настроек. Думаю, вы узнаете для себя что-нибудь новое.
https://habr.com/ru/companies/ruvds/articles/975114/
#docker #dockercompose #докер #оптимизация #ииагенты #фичи #контейнеры #докеризация #документация #доклады
Took a shot at updating CMT: https://gitlab.com/surfsara/cmt
The main issue was that it still needed Python 2.7. Not anymore. It now runs with the latest Python version, it even needs at least Python 3.10.
This was quite an endeavour. Luckily the existing code base was well organised and most deprecated calls could be replaced easily. It can now also run properly in a Docker setup.
#Python #Programming #Docker #SURF
Mehr als 10.000 Docker-Hub-Images enthalten geheime Zugangsdaten
Auf Docker Hub liegen abertausende Container-Images – und mehr als 10.000 davon enthalten eigentlich geheime Zugangsdaten.
#Datenleck #Docker #IT #Security #news
Mệt mỏi với việc viết Dockerfile cho các Agent, /u/Tech_News_Blog xây dựng công cụ cài đặt chỉ 30 giây (không cần DevOps). #AI #DevOps #Docker #MachineLearning #ĐộngLựcAI #TríTuệNhânTạo #PhátTriểnMềm
Is there any way I can stop #docker Desktop from nagging me every hour to insert my GPG password on Linux?
Over 10,000 #Docker Hub images found leaking credentials, auth keys