Fryboyter@discuss.tchncs.de to Linux@lemmy.mlEnglish · 2 years agoThousands of images on Docker Hub leak auth secrets, private keyswww.bleepingcomputer.comexternal-linkmessage-square41fedilinkarrow-up1219arrow-down12file-textcross-posted to: tech@kbin.social
arrow-up1217arrow-down1external-linkThousands of images on Docker Hub leak auth secrets, private keyswww.bleepingcomputer.comFryboyter@discuss.tchncs.de to Linux@lemmy.mlEnglish · 2 years agomessage-square41fedilinkfile-textcross-posted to: tech@kbin.social
minus-squareLaser@feddit.delinkfedilinkEnglisharrow-up3·2 years agoI guess it depends, if it’s a secret in use for the image, an attacker might use it to attack a pulled instance if the user deploying it didn’t change the secret. Kind of like an unchanged initial password.
I guess it depends, if it’s a secret in use for the image, an attacker might use it to attack a pulled instance if the user deploying it didn’t change the secret. Kind of like an unchanged initial password.