⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More - The Hacker News

A critical-severity vulnerability, named DockerDash, in Docker's Ask Gordon AI assistant allows for Remote Code Execution (RCE) in Docker environments. This is achieved through "meta-context injection," where malicious instructions embedded in Docker image metadata labels are executed by the Model Context Protocol (MCP) Gateway without proper validation.