这一发展源于对Trivy的供应链入侵攻击。Trivy是由Aqua Security维护的流行开源漏洞扫描工具，威胁行为者利用被入侵的凭据，在该工具的木马化版本以及两个相关GitHub Actions"aquasecurity/trivy-action"和"aquasecurity/setup-trivy"中植入凭据窃取器。

IT之家 12 月 11 日消息，网络安全公司 Flare 昨日（12 月 10 日）发布报告，其研究人员在 11 月扫描 Docker Hub 后发现，超过 10000 个容器镜像泄露了敏感数据，包括生产系统凭证、CI / CD 数据库密码及 AI 模型密钥（如 OpenAI 和 HuggingFace）。 该公司研究人员于 11 月扫描 ...

More than 10,000 Docker Hub container images expose data that should be protected, including live credentials to production systems, CI/CD databases, or LLM model keys. The XZ-Utils backdoor, first ...

An unauthorized person gained access to a Docker Hub database that exposed sensitive information for approximately 190,000 users. This information included some usernames and hashed passwords, as well ...

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...

How to successfully log in to Docker Hub from the command line interface Your email has been sent Image: Docker Networking: Must-read coverage Gartner releases 4 trends that will impact cloud, data ...

New research reveals the scale at which criminals have exploited public open-source Docker repositories to plant malware among container images. A new security analysis of the 4 million container ...

How to create a docker image and push it to Docker Hub Your email has been sent If you're ready to take your docker 101 skills to the next level, Jack Wallen walks you through the steps of creating a ...