The cybersecurity firm Aqua Security uncovered several supply chain attacks that use malicious container images to compromise their victims when its threat research team, Team Nautilus, was performing its daily scan of Docker Hub for malicious activity, according to a new blog post.
Aqua Security researchers recommend companies improve their defensive measures to reduce the risk of falling victim to this type of attack. “Attackers are increasingly targeting organizations’ software supply chains, and in some cases, they are getting better at hiding their attacks,” the researchers say.
“When practitioners fail to implement a holistic approach with protecting their workloads at runtime, they are opening up their environments to attackers, since even the most complete ‘shift left’ vulnerability and malware detection cannot prevent zero-day attacks and administrator errors,” said Amir Jerbi, cofounder and CTO at Aqua.
Aqua Security’s new cloud-native application protection platform leverages a unified console to ease the journey from scanning and visibility to workload protection in cloud-native environments. The platform reduces administrative burden and allows security teams to start with scanning and cloud security posture management, and then add in sandboxing capabilities and workload protection as needed.
The risk that open source components pose to applications has less to do with the component itself than the supply chain that supports it, asserted Tsvi Korren, field CTO at Aqua Security. “It all comes down to the degree of governance and oversight, which open source projects often lack,” he told TechNewsWorld.
Ninety-seven percent of cloud-native security practitioners are broadly unaware of essential container security principles, according to a report from Aqua Security.
Only 3% of respondents recognize that a container, in and of itself, is not a security boundary, indicating that the default security capabilities of containers are overestimated, according to the 2021 Cloud Native Security Survey from Aqua Security.
Aqua Security announced the availability of its new Aqua Platform, with a unified console to ease the journey from scanning and visibility to workload protection in cloud native environments.