The Hacker News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.
Dark Reading

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...