Breach & Build — cybersecurity news

🔴 CVE-2026-33897 | CRITICAL (CVSS 9.9) Incus users, beware! A flaw allows root access to host servers. Immediate action is REQUIRED. Read our blog for full details NOW!

#CVE #BreachAndBuild #Incus #RootAccess #ContainerSecurity

breachandbuild.com/cve-2026-33897-cve-2026-...

CVE-2026-33897: CWE-1336: Improper Neutralization of Special Elements Used in a Incus is a system container and virtual machine manager that supports pongo2 templates to dynamically generate files within container instances. Prior to version 6.23.0, Incus improperly implemented pongo2's chroot isolation feature, which

CRITICAL: lxc incus (<6.23.0) has a template engine flaw (CVE-2026-33897) enabling container escape & root host access. Upgrade now and review access policies! radar.offseq.com/threat/cve-2026-33897-cw... #OffSeq #ContainerSecurity #Linux

CVE-2026-33945: CWE-22: Improper Limitation of a Pathname to a Restricted Direct Incus is a system container and virtual machine manager that allows containers to provide credentials to systemd within the guest environment via a shared directory. Prior to version 6.23.0, Incus improperly limits pathnames in configuratio

CRITICAL: lxc incus (<6.23.0) path traversal (CVE-2026-33945) lets attackers write files as root, risking host takeover. Patch to 6.23.0+ now! radar.offseq.com/threat/cve-2026-33945-cw... #OffSeq #CVE202633945 #ContainerSecurity

We actually can be in two places at once…

Can you guess which is our RSAC booth and which is our KubeCon booth?

If you’re at either event, come find us:
📍 RSAC: Booth # S-1061
📍 KubeCon: Booth # 940 + 🎯 Space # 340

#KubeConEU #RSAC #ContainerSecurity #Cybersecurity

If you maintain an open source project, we want to support you. We’re excited to launch our Open Source Program, providing access to our secure, minimal images free of charge to eligible projects.

Apply or get more information here: buff.ly/dbV6OQm

#OpenSource #ContainerSecurity @kat.lol

Threat Research | Weekly Recap [22 Mar 2026] Cybersecurity Threat Research 'Weekly' Recap: this overview surveys vulnerabilities, supply-chain and developer-tooling abuse, phishing and malware campaigns across Langflow (CVE-2026-33017), CanisterWorm, CursorJack, SnappyClient, Vidar Stealer, AsyncRAT, GhostMail, Boggy Serpens, DieNet and Konni, with notable operational exposures such as Myclaw360 TLS key and Larva26002. Cybersecurity Threat Research 'Weekly' Recap: it also highlights evolving trends in AI-assisted threats, container security with Defend for Containers (D4C) guidance and TeamPCP container attack scenarios, plus CI/CD risk from Trivy action hijacking and related supply-chain abuses. #Langflow #CVE-2026-33017 #CanisterWorm #CursorJack #SnappyClient #VidarStealer #AsyncRAT #GhostMail #BoggySerpens #DieNet #Konni #Myclaw360 #Larva26002 #DefendForContainers #TeamPCP #TrivyAction #Kubernetes

Weekly recap highlights critical vulnerabilities like Langflow CVE-2026-33017, supply-chain abuses, AI-powered threats, container security challenges with D4C, and CI/CD risks from Trivy hijacking affecting global cyber defense. #SupplyChain #ContainerSecurity

Another event, another Mini Cooper giveaway! That's right - we're bringing the Minimus DART Challenge to KubeCon AND RSAC next week, and someone's leaving with a car!

Come see us at RSAC booth S-1061 / KubeCon booth 940 🎯 🚙

#KubeCon #RSAC #Cybersecurity #ContainerSecurity #CloudSecurity

Integrating Anchore Security Scanning into Your Azure DevOps Pipeline | Anchore With a few lines of yaml, add security to your Azure DevOps pipeline to keep non-compliant containers from reaching production environments.

We just updated our guide on integrating Anchore into your Azure DevOps pipelines! Learn how to use anchorectl for distributed analysis (local SBOM generation) or centralized analysis via a staging reg... https://anchore.com/blog/anchore-azure-devops/
#DevSecOps #AzureDevOps #ContainerSecurity #SBOM

#Kubernetes #K8s #DevOps #CloudNative #CKS #DevSecOps #ContainerSecurity #KubernetesSecurity #CNCF #OpenSource #LinuxFoundation #TechCommunity

🛡️ NanoClaw y Docker aíslan agentes de IA en sandboxes de MicroVM

¿Te gustan los agentes tipo OpenClaw pero su inseguridad te preocupa? Esta combinación es la solución.

thenewstack.io/nanoclaw-docker-sandboxe...

#MicroVM #AIIsolation #ContainerSecurity #RoxsRoss

OWASP adopts DockSec: What it is — and why it matters Security teams are plagued by information overload — the firehose of data pumped out by their security tools. Now, some relief is in sight...

OWASP just adopted DockSec to cut through container security noise and sharpen DevSecOps signal. See how this AI-powered analyzer helps teams ship safer software: jpmellojr.blogspot.com/2026/03/owas... #OWASP #DockSec #DevSecOps #ContainerSecurity #AppSec

📢 New Software Supply Chain 101 Short: What is an SBOM?

In this short video I explain what an SBOM is and why it's so relevant today.

youtu.be/GH0fSSqwgnI?...

#softwaresupplychain #containersecurity #appsec #sbom