Security researchers have discovered a critical flaw in runc, the default runtime for Docker and Kubernetes, allowing a malicious container to attack the host and all other containers running on it. Aleksa Sarai — one of the maintainers for runc — made the announcement on Tuesday, attributing the discovery to researchers Adam Iwaniuk and Borys Poplawski.

Read full news article on Infosecurity