2025-11-26 17:06
On November 24, 2025, Docker Hardened Images addressed CVE-2025-12735, a serious remote code execution vulnerability in the Kibana project. This issue scored 9.8 on the CVSS scale and posed risks across many applications due to its origins in the expr-eval library. Docker not only patched the vulnerability for its users but also submitted a fix to the upstream LangChain.js project. This means enhanced security for all applications relying on LangChain.js, which sees over a million weekly...
Source: Docker Blog
Simeon Ratliff
2025-11-25 15:00
🚀 Exciting developments in coding agent technology! As coding agents like Claude Code and Gemini CLI become more autonomous, developers face challenges in balancing access and safety. Current options like YOLO Mode and DIY VMs can compromise security or productivity. To address this, a new solution using Docker Sandboxes is being explored. This provides isolation for coding agents while allowing them to operate effectively. The experimental preview includes container-based isolation and broad...
Source: Docker Blog
Srini Sekaran
2025-11-25 14:04
Securing software supply chains is critical in today's digital landscape. 🌐 According to theCUBE Research, 95% of organizations report improved vulnerability management with Docker, while 79% find it effective for compliance. Docker integrates security into developer workflows, making it a foundational tool for modern DevSecOps. 🔒 Docker Hardened Images and real-time vulnerability analysis help reduce application vulnerabilities by 92%. Additionally, tools for AI development streamline setup...
Source: Docker Blog
John Ayub
2025-11-24 21:04
🚨 On November 21, 2025, security researchers identified the Shai Hulud 2.0 npm supply chain attack, compromising over 25,000 GitHub repositories within 72 hours. Major organizations like Zapier and Postman were targeted. The malware's self-propagating nature posed a serious threat, executing during npm's preinstall phase and stealing developer credentials and cloud secrets. In response, Docker Security quickly issued DSA-2025-1124, enhancing protection through automated threat intelligence...
Source: Docker Blog
Simeon Ratliff
2025-11-21 22:43
🚀 The Docker team participated in JFrog SwampUP Berlin 2025 from November 12-14, engaging in technical sessions and discussions. Key insights included the rise of software supply chain attacks, where malicious actors are using AI to exploit open-source packages. 🔒 Governance plays a crucial role in preventing these attacks by controlling entry points in the software lifecycle. Tools must enhance interoperability to detect risks effectively. Additionally, discussions highlighted the importance...
Source: Docker Blog
Dan Berezin Stelzer
2025-11-21 18:40
On November 19, 2025, the Golang project announced two vulnerabilities affecting the golang.org/x/crypto/ssh package. While not critically scored, these vulnerabilities pose risks to applications using SSH in Go containers. CVE-2025-58181 allows for unbounded memory consumption, and CVE-2025-47914 affects SSH Agent servers, potentially leading to system instability. Docker Hardened Images responded promptly, patching these vulnerabilities within 24 hours through continuous monitoring and...
Source: Docker Blog
Jin Kim
2025-11-21 14:00
🚀 Incorporating AI tools into your development workflow can be challenging at first. Many, including the author, experienced initial frustration with productivity gains. 🔑 Key insights suggest breaking work into manageable chunks, understanding problems before solutions, and refining your approach with AI tools. 🛠️ Effective AI coding involves a cycle: Prompting, Planning, Producing, and Refining. This structured method helps maintain context and improves code quality. Stay adaptable and keep...
Source: Docker Blog
Simeon Ratliff
2025-11-20 13:44
🚀 Exciting news for developers! Docker Model Runner now integrates the vLLM inference engine, enhancing high-throughput AI inference capabilities. This integration allows seamless scaling of AI workloads across various Nvidia hardware while maintaining the familiar Docker workflow. 🖥️ vLLM optimizes performance with advanced algorithms and supports popular models like GPT-OSS and Llama 3, ensuring efficient deployment for production-grade applications. Start exploring today with simple...
Source: Docker Blog
Yiwen Xu
2025-11-19 16:55
Mark Lechner, CISO at Docker, emphasizes the need for security at the core of the software supply chain. As threats evolve, they exploit interconnected systems rather than isolated ones. He reflects on his decade-long experience in diverse sectors, highlighting the shift from controlled environments to open systems where trust must be proven. Docker’s role is crucial; with containers as the standard unit of compute, ensuring security now can reshape software development. 🔍🔐💻 #Cybersecurity...
Source: Docker Blog
Simeon Ratliff
2025-11-19 14:00
Unlock the potential of AI with the Model Context Protocol (MCP)! 🚀 In a recent article, Oleg Šelajev highlights six essential MCP servers that enhance developer productivity. These servers connect AI agents to external tools, streamlining workflows. Key servers include Context7 for coding accuracy, Obsidian for smarter note-taking, and DuckDuckGo for search capabilities. Each server offers unique benefits to improve your development process. 💻✨ Explore how these tools can transform your...
Source: Docker Blog
Oleg Selajev
2025-11-18 17:57
Running AI models locally can be challenging due to dependency issues and inconsistencies. Docker and Unsloth are collaborating to simplify the process of building and running custom models. This partnership aims to enhance model creation, optimization, and execution. With Docker Model Runner, developers can easily launch models across different systems, streamlining the workflow. Explore more about this innovative solution! 🚀🖥️ #AI #Docker #Unsloth #MachineLearning #TechInnovation
Source: Docker Blog
Srini Sekaran
2025-11-18 14:00
🚀 Launching a Chat UI Agent is now simpler with Docker and the Vercel AI SDK! By using Docker, you can maintain a consistent environment across different machines. The Vercel AI SDK streamlines the creation of conversational interfaces with tools for streaming responses and multi-turn interactions. Get started by cloning the Next.js AI Chatbot template and configuring your API keys. With just one command, your Chat UI goes live! #ChatUI #Docker #Vercel #AI #TechInnovation
Source: Docker Blog
Gerardo López Falcón
2025-11-14 17:04
🚀 Discover Docker Hardened Images! These minimal base images are designed to enhance application security by eliminating unnecessary packages and proactively patching vulnerabilities. 🔍 With a 30-day trial, you can evaluate if these images reduce your security risks without extra operational burden. 📊 Expect to measure CVE counts and engineering effort during the trial to see real results. Get started with the DHI catalog and experience the benefits firsthand! #Docker #CyberSecurity #DevOps...
Source: Docker Blog
Docker Team
2025-11-14 14:00
AI developer tools promise increased productivity but results vary widely. 🚀 While some developers report boosts of 3-5x, others experience no benefits or even losses of up to 19%. In 2025, 84% of developers plan to use these tools, yet trust in their accuracy is declining. Awareness of this divide in experiences is crucial for developers. #AIDevelopment #Productivity #TechTrends #SoftwareEngineering
Source: Docker Blog
Simeon Ratliff
2025-11-13 15:00
🚀 Exciting news for developers! Docker Desktop now includes cagent, allowing you to build AI agents without any extra installations. Cagent is an open-source tool that simplifies AI agent development using YAML files. You can define behaviors and tools, while cagent manages execution. To get started, update Docker Desktop to version 4.49.0 or later and create your first agent with ease. Existing users can continue using their current installations for flexibility. Additionally, cagent now...
Source: Docker Blog
Simeon Ratliff
2025-11-13 14:00
🚨 Part 5 of our MCP Horror Stories series highlights a serious security threat: the WhatsApp Data Exfiltration Attack. This vulnerability allows attackers to steal entire message histories by leveraging a clever exploit within WhatsApp. It bypasses traditional security measures, making it difficult to detect. Understanding these threats is crucial for developers to enhance AI security. #CyberSecurity #AIThreats #DataProtection #WhatsApp #MCP
Source: Docker Blog
Ajeet Singh Raina
2025-11-12 14:00
🚀 Docker Desktop 4.50 is here, enhancing how development teams build and ship software. This update focuses on faster debugging, improved security controls, and AI integration. It aims to streamline daily workflows for developers, reducing friction and enhancing productivity. Key features include free Docker Debug for all users and deeper IDE integration for smoother troubleshooting. The new Compose to Kubernetes capabilities help bridge local development with production environments....
Source: Docker Blog
Deanna Sparks
2025-11-11 15:16
🚀 Docker Engine v29 is here, focusing on foundational updates for Linux users running the Community Edition. This release enhances maintainability and developer experience with important changes, including an updated minimum API version to 1.44 and the Containerd image store as the default for new installations. Additionally, Docker has migrated to Go modules and offers experimental support for NFTables, improving interoperability across the container ecosystem. For Docker Desktop users, no...
Source: Docker Blog
Simeon Ratliff
2025-11-11 13:53
🚀 Exciting news for developers! The Docker MCP Catalog now supports remote MCP servers with OAuth, making it easier to connect securely to various tools like Notion and Linear. 🔗 With over 60 new remote servers added, you can enhance your workflows without manual token juggling. Just two simple commands are all you need to get started! 💻 Enjoy seamless integration and quick access to essential services right from your Docker environment. #Docker #MCP #OAuth #RemoteServers #DeveloperTools
Source: Docker Blog
Simeon Ratliff
2025-11-10 14:00
📢 Join the Docker community by participating in the fourth annual State of Application Development survey! Your feedback is vital for shaping the future of application development. It takes just 20 minutes to share your insights on current trends and challenges. 🛍️ Complete the survey for a chance to win prizes, including a MacBook Pro, PlayStation 5, and Amazon gift cards! 🕒 The survey runs from November 10 to December 10, 2025. Be among the first 300 respondents to receive exclusive Docker...
Source: Docker Blog
Simeon Ratliff
2025-11-07 14:00
Source: Docker Blog
Simeon Ratliff
2025-11-06 20:51
Source: Docker Blog
Yiwen Xu
2025-11-03 13:20
Unlock the potential of multimodal AI! 🌐 This article discusses how multimodal models can process various inputs like text, images, and audio, enhancing AI capabilities. You can now ask models to describe images or transcribe audio clips for more intuitive interaction. Learn how to utilize these models with Docker Model Runner, from choosing the right model to practical examples. The CLI and API provide options for experimentation and integration into applications. #AI #Multimodal #Docker...
Source: Docker Blog
Ignasi Lopez Luna
2025-10-31 13:00
🔒 Security teams and employees often find themselves at odds over the tools needed to get work done. Tools like AI for documentation can be blocked, causing frustration for everyone involved. 💻 Shadow IT emerges as a solution, but it creates tension between innovation and security compliance. Employees seek flexibility, while security teams strive to maintain oversight. 🤝 There’s a call for collaboration to shift security focus towards compromise and efficiency, allowing for better tool...
Source: Docker Blog
Simeon Ratliff
2025-10-31 12:17
🎃 Meet Mr. Bones, the interactive Halloween chatbot! Mike Coleman from Docker transformed a Home Depot skeleton into a pirate-voiced AI that chats with kids. Using Docker Model Runner, he created a local LLM that handles conversations seamlessly. Key benefits include no API costs, low latency, and easy model switching. Curious about how it works? Kids talk to the skeleton, and a Raspberry Pi processes their questions before Mr. Bones responds in pirate voice! 🏴☠️👻 #Halloween #AI #Docker...
Source: Docker Blog
Mike Coleman
2025-10-30 11:46
🚀 The recent study by theCUBE Research highlights Docker's significant role in enhancing developer productivity and software supply chain security. 🔍 Nearly 400 IT and AppDev leaders reported that Docker streamlines agentic AI development, reducing setup time by over 25% for 87% of organizations. 🛡️ Docker's integrated security features help maintain compliance, with 95% of respondents noting improved vulnerability identification. For more insights, check out the full report! 📊 #Docker...
Source: Docker Blog
John Ayub
2025-10-30 11:46
🚀 A recent study by theCUBE Research explores Docker's influence on developer productivity and AI development. Nearly 400 IT leaders from global enterprises shared insights on how Docker enhances software supply chain security and reduces costs. Key findings indicate that 87% of organizations have cut AI setup time by over 25%, while 80% report a 26% faster AI time-to-market. Docker integrates security seamlessly, with 95% of respondents noting improved vulnerability management. For a deeper...
Source: Docker Blog
John Ayub
2025-10-27 13:00
Unlock the potential of Claude Desktop with the Docker MCP Toolkit! 🚀 This integration allows Claude to function as a development partner, executing tasks securely without affecting your local machine. With the Model Context Protocol (MCP), Claude can connect to tools and APIs, enabling actions like container deployment and data analysis. 🛠️ The Docker MCP Toolkit creates a safe environment for these processes, ensuring security and efficiency. Automate tasks that once took hours down to just...
Source: Docker Blog
Ajeet Singh Raina
2025-10-24 23:09
🚨 **Docker Hub Incident Report** 🚨 On October 20, 2025, Docker experienced a significant outage due to issues in AWS’s US-East-1 region. This affected services like Docker Hub and Build Cloud, disrupting workflows for developers globally. The outage began at 06:48 UTC, leading to complete service interruption by 08:01 UTC. Partial recovery started around 09:40 UTC, with full restoration achieved by 09:42 UTC on October 21. We are monitoring our systems closely to ensure stability moving...
Source: Docker Blog
Tushar Jain
2025-10-24 19:07
🚀 Exciting developments in AI tooling! Mike Coleman from Docker discusses the importance of implementing guardrails for AI adoption in enterprises. Many organizations seek tighter control over the tools available to developers through Docker’s Model Context Protocol (MCP) tooling. The article provides a guide on how to create a custom MCP catalog by forking Docker’s official catalog, hosting images in a private registry, and using the MCP Gateway to manage server connections. Learn more about...
Source: Docker Blog
Mike Coleman
2025-10-24 13:00
🚀 Dive into Docker's MCP Toolkit and Gateway! In a recent discussion, Jim Clark explained how the MCP Toolkit helps users discover and manage MCP servers seamlessly. It leverages Docker containers for installation and orchestration, ensuring consistency and governance. The MCP Gateway unifies server access for clients, enhancing security with OAuth support and provenance checks. For official details, check out the Docker MCP Catalog. #Docker #MCPToolkit #MCPGateway #TechTalk #SoftwareEngineering
Source: Docker Blog
Oleg Selajev
2025-10-24 13:00
🌐 More people are choosing self-hosted alternatives for their digital tools, moving away from cloud services that come with subscription fees and data privacy concerns. 💾 Self-hosting allows individuals to control their data and avoid reliance on third-party providers. Many open-source options exist for those looking to manage their own software. 🔍 The article explores the rise of self-hosting, its benefits, and beginner-friendly software options. #SelfHosting #DataPrivacy #OpenSource...
Source: Docker Blog
Thinus Swart
2025-10-23 13:59
🛠️ The era of AI agents is evolving, but trust remains a significant challenge. Docker, with over 20 million developers, is enhancing its tools for building and securing AI agents. 🔒 Recently, Docker partnered with E2B to provide secure cloud sandboxes for developers. This collaboration aims to give fast and secure access to numerous real-world tools. 🤖 With new capabilities and a focus on safety, Docker is setting the standard for how agents connect and act in a secure manner. #Docker #E2B...
Source: Docker Blog
Mark Cavage
2025-10-22 13:00
🚀 Developers often face limitations with their local machines when handling heavy tasks like AI training or large code compilations. Docker Offload addresses this by allowing users to extend their existing Docker workflows to the cloud, maintaining the familiar commands while leveraging powerful cloud resources. This service is perfect for executing resource-intensive builds, enhancing development speed, and managing complex applications without the need for hardware upgrades. Getting started...
Source: Docker Blog
Kristiyan Velkov
2025-10-21 13:26
🚀 Exciting updates for Docker users! The latest upgrade to the Docker Model Runner enhances the interactive chat experience. It now features a readline-style prompt with keyboard shortcuts for smoother navigation and editing. Key improvements include: - New keyboard shortcuts for efficient text management. - Ability to stop model responses anytime using “Ctrl + c”. - Better multi-line support and command history for easier experimentation. Enhance your AI workload management today! #Docker...
Source: Docker Blog
Eric Curtin
2025-10-20 13:46
🚀 Exciting news in the AI community! Sergei Shitikov has developed a new Docker extension that simplifies running local AI models using Docker Model Runner and Open WebUI. This tool makes local LLMs accessible to everyone, even those without a tech background. With just a few clicks, you can set up your own AI assistant, enjoying a rich chat experience while maintaining privacy. No complex configurations required! Learn more about this powerful duo and how to get started. #AI #Docker...
Source: Docker Blog
Sergei Shitikov
2025-10-17 19:12
Unlock the potential of AI coding with OpenAI's Codex and the Docker MCP Toolkit! 🔗 The Model Context Protocol (MCP) Toolkit connects Codex to over 200 MCP servers, enabling efficient interaction with specialized tools. This post demonstrates how to link Codex with Neo4j, showcasing a fun project that visualizes Pokémon species data. 📊 The Docker MCP Toolkit simplifies data modeling, allowing developers to focus on building knowledge graphs without the usual setup hassles. Discover how this...
Source: Docker Blog
Oleg Selajev
2025-10-17 13:00
jQuery has been a staple in web development since its launch in 2006. Initially, it simplified tasks like DOM manipulation and event handling across different browsers, which was a challenge at the time. 🌐 Despite the rise of modern frameworks, jQuery remains popular, with around 195 million websites using it as of August 2025. Some developers, including the article's author, still find it useful for specific tasks. 🔧 The article discusses when to choose jQuery over other tools, emphasizing...
Source: Docker Blog
Aniket Bhattacharyea
2025-10-16 13:00
🚀 Building Docker images is vital for modern application delivery. However, debugging Dockerfiles can be complex and time-consuming. To enhance this process, recent updates to Docker Build clients and the VS Code Docker extension now introduce Build Debugging. This allows developers to inspect build stages, variables, and even open a shell in the image being built. 🐳 To get started, ensure you have the latest Docker DX extension and Docker Desktop. Create a launch configuration in VS Code to...
Source: Docker Blog
Remy Suen
2025-10-15 16:11
🚀 At Docker, we're committed to building hardened images with meticulous human craftsmanship and enhanced by AI. This dual approach ensures better security for our users. Our AI guardrail recently caught a critical bug during an nginx-exporter update, preventing potential issues from reaching customers. This highlights the importance of layered safeguards in software development. By addressing issues upstream, we maintain clean images and support the broader open-source community. #Docker #AI...
Source: Docker Blog
Christian Dupuis