-
Over 10,000 Docker Hub images found leaking credentials, auth keys
More than 10,000 Docker Hub container images expose data that should be protected, including live credentials to production systems, CI/CD databases, or LLM model keys.
- December 10, 2025
- 01:22 PM
0
-
Docker Hub still hosts dozens of Linux images with the XZ backdoor
The XZ-Utils backdoor, first discovered in March 2024, is still present in at least 35 Linux images on Docker Hub, potentially putting users, organizations, and their data at risk.
- August 12, 2025
- 02:43 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Docker-OSX image used for security research hit by Apple DMCA takedown
The popular Docker-OSX project has been removed from Docker Hub after Apple filed a DMCA (Digital Millennium Copyright Act) takedown request, alleging that it violated its copyright.
- August 31, 2024
- 10:16 AM
- 10
-
Millions of Docker repos found pushing malware, phishing sites
Three large-scale campaigns have targeted Docker Hub users, planting millions of repositories designed to push malware and phishing sites since early 2021.
- April 30, 2024
- 01:32 PM
- 2
-
Thousands of images on Docker Hub leak auth secrets, private keys
Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface.
- July 16, 2023
- 10:09 AM
- 0
-
Docker Hub repositories hide over 1,650 malicious containers
Over 1,600 publicly available Docker Hub images hide malicious behavior, including cryptocurrency miners, embedded secrets that can be used as backdoors, DNS hijackers, and website redirectors.
- November 24, 2022
- 12:16 PM
- 0
-
TeamTNT hackers target your poorly configured Docker servers
Poorly configured Docker servers and being actively targeted by the TeamTNT hacking group in an ongoing campaign started last month.
- November 09, 2021
- 03:57 PM
- 0
-
Docker Hub images downloaded 20M times come with cryptominers
Researchers found that more than two-dozen containers on Docker Hub have been downloaded more than 20 million times for cryptojacking operations spanning at least two years.
- March 29, 2021
- 02:30 PM
- 0
-
Unsecured Docker Hosts Attacked by New Graboid Cryptojacking Worm
A new cryptojacking campaign was discovered using Docker images to deliver a worm that follows a seemingly erratic plan where the miner is active for about four minutes at a time on an infected host.
- October 16, 2019
- 10:15 AM
- 0
-
Docker Hub Database Hack Exposes Sensitive Data of 190K Users
An unauthorized person gained access to a Docker Hub database that exposed the the user names and hashed passwords for approximately 190,000 users. In addition, a small percentage of users have had their GitHub and Bitbucket tokens for Docker autobuilds leaked as well.
- April 26, 2019
- 11:30 PM
- 0
.jpg)
