Hacker News new | comments | show | ask | jobs | submit login

Even that isn't quite it - this is not a case of people accidentally downloading and running malicious containers.

People are leaving kubernetes/docker/whatever open to the world, and attackers are instructing their servers to download and run these containers.

The complaint is that Docker Hub is hosting the attack code for the attackers. They could have hosted it on their own custom registry server if they wanted. (But why bother if you can just host it on Docker Hub.) In the same vein, they could use GitHub to host their attack code. Or they could put in in an S3 bucket...

Applications are open for YC Winter 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact