"Thousands of Images on Docker Hub Leak Auth Secrets, Private Keys"

Researchers from the RWTH Aachen University in Germany have published a study revealing tens of thousands of container images hosted on Docker Hub containing confidential secrets, exposing software, online platforms, and users to attacks. Docker Hub is a cloud-based repository for storing, sharing, and distributing Docker images for the Docker community. These container creation templates include the necessary software code, runtime, libraries, environment variables, and configuration files for deploying an application in Docker with ease. The German researchers analyzed 337,171 Docker Hub images and thousands of private registries and discovered that about 8.5 percent contain sensitive data, such as private keys and API secrets. This article continues to discuss findings from the analysis of images from Docker Hub and thousands of private registries.

Bleeping Computer reports "Thousands of Images on Docker Hub Leak Auth Secrets, Private Keys"