Safeguard
Topic

Container Security

In-depth guides and analysis on container security from the Safeguard engineering team.

283 articles

Container Security

Docker Hub malicious image report

Researchers estimate roughly 3% of public Docker Hub images carry malicious payloads. Here's what's inside them, how they spread, and how to defend your pipeline.

Nov 18, 20257 min read
Container Security

Top vulnerable base images on Docker Hub

A look at why Docker Hub's most-pulled base images still ship hundreds of known CVEs, and how reachability analysis cuts the noise down to what's actually exploitable.

Nov 18, 20257 min read
Container Security

Cryptomining malware hidden in public Docker images

Cryptomining malware keeps resurfacing in public Docker images. Here's how attackers hide miners in plain sight — and how to catch them before they run.

Nov 18, 20257 min read
Container Security

Docker Hub typosquatting of official images

Attackers are cloning popular Docker Official Images under lookalike names, tricking `docker pull` into fetching malware instead of trusted base images.

Nov 17, 20257 min read
Container Security

Container image supply chain attack trends

Container images have become the software supply chain's most contested attack surface. A look at the xz-utils backdoor, registry-borne malware campaigns, and the detection gaps behind them.

Nov 17, 20258 min read
Container Security

Alpine vs Debian base image vulnerability comparison

A 2026 look at Alpine vs. Debian base image CVEs shows raw vulnerability counts mislead — patch cadence and reachability matter more than distro choice.

Nov 17, 20256 min read
Container Security

Outdated container images still running in production

New industry data shows most production containers still run on stale, vulnerable base images months after fixes ship -- here's why, and how to close the gap.

Nov 17, 20258 min read
Container Security

Container registry credential leak trends

2026 data shows container registry credential leaks accelerating as CI pipelines speed up — and why layer-aware scanning, not just final-image checks, is now essential.

Nov 16, 20256 min read
Container Security

Distroless image security trend report

Distroless adoption is up nearly 3x since 2024, but Safeguard's 2026 scan data shows SBOM gaps, missed dependencies, and inflated CVE lists still undermine the hardening it promises.

Nov 16, 20257 min read
Container Security

Kubernetes Helm chart vulnerability trends

New Safeguard research finds most public Helm charts ship risky defaults and stale image pins—here's what the data shows and how to fix it.

Nov 16, 20257 min read
Container Security

Containers Not Dropping Default Linux Capabilities

Docker grants every container 14 Linux capabilities by default. Here's why NET_RAW, SYS_CHROOT, and friends turn contained compromises into breakouts—and how to drop them safely.

Oct 28, 20257 min read
Container Security

Containers Running in Privileged Mode: Risks and Fixes

Docker's --privileged flag strips seccomp, AppArmor, and capability limits in one line. Here's how attackers exploit it, real CVEs, and how to lock it down.

Oct 28, 20257 min read
Container Security (Page 17) — Supply Chain Security Blog | Safeguard