TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting exposed Docker APIs. Akamai, which discovered the latest activity last month, said it's designed to block other actors from accessing the Docker API...

ROOT-OS-ALPINE-319-CVE-2024-10524 CVE-2024-10524 in rootio-wget - Patched by Root

Root has patched CVE-2024-10524 in the rootio-wget package for Root:Alpine:3.19. Multiple fixed versions available...

Node.js: Permissions can be bypassed via arbitrary code execution through abusing libuv signal pipes

Vulnerability description not provided...

CVE-2020-35191

The official drupal docker images before 8.5.10-fpm-alpine Alpine specific contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35185

The official ghost docker images before 2.16.1-alpine Alpine specific contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...

CVE-2020-35189

The official kong docker images before 1.0.2-alpine Alpine specific contain a blank password for a root user. System using the kong docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...

Docker Image memcached 访问控制错误漏洞

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

Docker Images Sonarqube Access Control Error Vulnerability

Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications...

Docker Image Kapacitor Authorization Issue Vulnerability

Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrading of applications...

XIP - Tool To Generate A List Of IP Addresses By Applying A Set Of Transformations Used To Bypass Security Measures E.G. Blacklist Filtering, WAF, Etc.

XIP generates a list of IP addresses by applying a set of transformations used to bypass security measures e.g. blacklist filtering, WAF, etc. Further explaination on our blog post article Usage python3 xip.py --help Docker alternative Official image You can pull the official Drupwn image from th...