ZDNet

Alpine Linux Docker images ship a root account with no password

Alpine Linux Docker images distributed via the official Docker Hub portal for the past three years and a half have been using a blank (NULL) password for the root account, security researchers from ...
Bleeping Computer

Docker Hub still hosts dozens of Linux images with the XZ backdoor

The XZ-Utils backdoor, first discovered in March 2024, is still present in at least 35 Linux images on Docker Hub, potentially putting users, organizations, and their data at risk. Docker Hub is the ...
TechRadar

Docker could still be hosting a whole load of potentially malicious images - putting users at risk

XZ-Utils backdoor was found over a year ago Despite warnings, some Linux images still contain it Debian won't budge as the images are "historical artifacts" At least 35 Linux images hosted on Docker ...