"When a server running Docker has its Docker Daemon publicly exposed over REST API, an attacker can abuse and create containers on the host based on attacker-controlled images," he says. A ...