Malicious Artifacts Found in Official KICS Docker Repository and Code Extensions
Docker and Socket uncovered a supply chain compromise affecting Checkmarx KICS distribution channels. Attackers poisoned official Docker Hub images (tags v2.1.20, v2.1.21, alpine) and VS Code extensions (versions 1.17.0, 1.19.0), introducing unauthorized data exfiltration capabilities. The trojanized KICS binary collects and encrypts scan reports containing credentials from infrastructure-as-code files, transmitting them to external endpoints. Compromised VS Code extensions download mcpAddon.js via Bun runtime, harvesting GitHub tokens, AWS credentials, Azure tokens, npm configurations, and SSH keys. The malware creates public GitHub repositories for staging stolen data, injects malicious GitHub Actions workflows to capture repository secrets, and uses stolen npm credentials to identify writable packages for propagation. TeamPCP appears to claim responsibility for this multi-stage attack designed to steal developer credentials and propagate through CI/CD pipelines.
Pulse ID: 69e9526908d4b6c7e9c97fed
Pulse Link: https://otx.alienvault.com/pulse/69e9526908d4b6c7e9c97fed
Pulse Author: AlienVault
Created: 2026-04-22 22:57:45
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AWS #Azure #CyberSecurity #Docker #Endpoint #GitHub #ICS #InfoSec #Malware #NPM #OTX #OpenThreatExchange #RAT #SSH #SupplyChain #Trojan #bot #AlienVault
Arch Linux Now Has a Bit-for-Bit Reproducible Docker Image
https://antiz.fr/blog/archlinux-now-has-a-reproducible-docker-image/
Struggling with Docker issues? This new troubleshooting roadmap can help:
https://www.learnbyfixing.com/roadmaps/docker/
It brings together practical guides and structured skill paths to sharpen your Docker debugging abilities.
#LearnByFixing #DevOps #SRE #Sysadmin #Docker #Linux
#Podman in Production: Quadlets, Secrets, Auto-Updates, and #Docker Compatibility | Larvitz Blog
https://blog.hofstede.it/podman-in-production-quadlets-secrets-auto-updates-and-docker-compatibility/#secrets-management
Oof! Building a Go app with dependencies and pulling fresh Docker images over a 5 Mbit hotel connection is tough.
I had thought the point of needing #Docker was to sort out DLL Hell-like dependency problems, but
Anyone use Forgejo's action runner?
I've finally gotten around to using the latest (v12) and decided for a fresh install on a new server, so it isn't sharing resources or as much of a security issue.
Should be simple, just a docker compose and some config, but for some reason the container is setting everything up with `nobody` owning the volume mount, so the running user in the container doesn't have permissions to write files.
Very stumped as usually user id matching container and host mounts is straightforward. Any help appreciated.
Security Tip: Harden your containers by enforcing a read-only root filesystem. 🐳 By default, containers are often writable, allowing attackers to download scripts or modify configs if they gain a foothold. Using the '--read-only' flag in Docker (or Kubernetes settings) forces apps to write only to designated volumes, limiting an attacker's options. Stay ahead of container vulnerabilities at https://cvedatabase.com #InfoSec #CyberSecurity #Docker #K8s
restoring all my docker containers lowkey sucks cause all the permissions got wacked and apparently i can just make all the containers run shit as user id 1000. YAY!
Arch Linux takes an important step in the container world by introducing a new, fully reproducible Docker image. #Linux #ArchLinux #Docker
Security Tip: The principle of least privilege applies to your containers too! 🐳 Running containers as root is a major risk. If a vulnerability like a container escape is exploited, the attacker inherits those root privileges on the host. Action: Add a non-privileged user to your Dockerfile and use the USER instruction. Stay informed on the latest container vulnerabilities: https://cvedatabase.com #InfoSec #ContainerSecurity #Docker #CyberSecurity
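A check for the two hardening tips above (read-only root filesystem, non-root user), added here as an example and not part of any of the posts: it audits `docker inspect` JSON for containers that violate either one. The container names and sample data are constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape of `docker inspect` output (not from a real host).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web",    "Config": {"User": ""},
   "HostConfig": {"ReadonlyRootfs": false}},
  {"Name": "/api",    "Config": {"User": "1000:1000"},
   "HostConfig": {"ReadonlyRootfs": true}},
  {"Name": "/worker", "Config": {"User": "0:0"},
   "HostConfig": {"ReadonlyRootfs": true}},
  {"Name": "/cache",  "Config": {"User": "app"},
   "HostConfig": {"ReadonlyRootfs": false}}
]
""")

# An empty User means no USER instruction and no --user flag, so the process is root.
ROOT_USERS = {"", "root", "0"}


def runs_as_root(user_field):
    """True when a Config.User value ("name", "uid" or "uid:gid") resolves to root."""
    user = (user_field or "").split(":", 1)[0].strip()
    return user in ROOT_USERS


def audit(containers):
    """Return {container_name: [findings]} for containers violating either tip."""
    report = {}
    for c in containers:
        findings = []
        if runs_as_root(c.get("Config", {}).get("User")):
            findings.append("runs as root: set USER in the Dockerfile or pass --user")
        if not c.get("HostConfig", {}).get("ReadonlyRootfs", False):
            findings.append("writable root filesystem: start with --read-only")
        if findings:
            report[c.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    # Real use: docker inspect $(docker ps -q) | python audit.py
    data = SAMPLE_INSPECT if sys.stdin.isatty() else json.load(sys.stdin)
    for name, findings in audit(data).items():
        for finding in findings:
            print(f"{name}: {finding}")
```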
Archiving e-mails with Mail-Archiver: my Docker setup
Recently a friend came to me with a rather urgent request. His domain was about to be shut down, and he wanted to back up the mails from certain mailboxes beforehand. As completely as possible and, of course, ideally quickly.
D...
https://www.cleveradmin.de/blog/2026/04/e-mails-archivieren-mit-mail-archiver-mein-docker-setup/
#Docker #docker #email #exchange #imap #mailarchivierung #office365 #selfhosting
