Your MCP server might be the weakest link—here's the data. @josh.bressers.name scanned 161 MCP images and found 9,000 vulns / 263 criticals. Read the breakdown and fixes: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #SoftwareSupplyChain #ContainerSecurity #DevSecOps

What happened to Trivy? 🤔

In this short video, I shared a high-level overview of the most recent software supply chain incident that affected the open source vulnerability scanner Trivy. The attack is still unfolding, as the malware spreads across the npm ecosystem. It's getting wild out there, folks!

#infosec #containersecurity

https://youtube.com/shorts/0W62UF7-vJQ?si=B_yiktgCE85vsUsh

My JavaPro article on "10 essential Docker commands to hunt the predator" is live!

We cover:
📜 SBOMs & Attestations
🛡️ Hardened Images (DHI)
🚫 VEX Exemptions
🕵️‍♂️ Zero-Day Defenses

Read the full Asgard mission here 👇
https://javapro.io/2026/03/19/10-docker-commandos-docker-commands-to-hunt-the-predator/

#Docker #DevSecOps #Java #ContainerSecurity

MCP is having a moment. @josh.bressers.name wanted to know: what are we actually shipping?

9,000 vulns
263 critical findings
36K+ NPM packages
Outdated base images

Not fear-mongering—just data-driven reality. Read his analysis: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #ContainerSecurity

🚨 CVE-2026-33945 (CRITICAL, CVSS 10): lxc incus <6.23.0 is vulnerable to path traversal, enabling attackers to write as root & escalate privileges. Upgrade to 6.23.0+ ASAP, restrict config access! https://radar.offseq.com/threat/cve-2026-33945-cwe-22-improper-limitation-of-a-pat-4b327a65 #OffSeq #CVE202633945 #ContainerSecurity

While #Docker makes it easy to start and manage containers, a host system is still required to run them. These systems form the infrastructure on which containers run and are covered by objective 702.3 of the DevOps Tools Engineer 2.0 exam.

Dive into episode 8 of the DevOps 2.0 introduction series to learn more from Fabian Thorns and Uirá Ribeiro: https://lpi.org/5nix

#DevOps #Containers #Docker #ContainerImages #ContainerSecurity

We just updated our guide on integrating Anchore into your Azure DevOps pipelines! Learn how to use anchorectl for distributed analysis (local SBOM generation) or centralized analysis via a staging registry. Secure your software supply chain without slowing down your devs.
Read more: https://anchore.com/blog/anchore-azure-devops/
#DevSecOps #AzureDevOps #ContainerSecurity #SBOM

@josh.bressers.name scanned 161 MCP containers. Found 9,000 vulnerabilities. 263 were critical.

"Software ages like milk, not wine." His analysis breaks down what's actually being deployed in the MCP ecosystem—and what to do about it.

https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #ContainerSecurity

OWASP just adopted DockSec to cut through container security noise and sharpen DevSecOps signal. See how this AI-powered analyzer helps teams ship safer software: https://jpmellojr.blogspot.com/2026/03/owasp-adopts-docksec-what-it-is-and-why.html #OWASP #DockSec #DevSecOps #ContainerSecurity #AppSec