Safeguard
Tag

docker-hub

Safeguard articles tagged "docker-hub" — guides, analysis, and best practices for software supply chain and application security.

10 articles

Supply Chain Security

Software Supply Chain Attack at Scale: npm, PyPI, and Docker Hub Hit in 48 Hours

GitGuardian documented three distinct supply-chain campaigns striking npm, PyPI, and Docker Hub inside a single 48-hour window in April 2026. The simultaneity tells you more about attacker tooling than any single payload does.

Jun 24, 20267 min read
Container Security

Docker Hub malicious image detection

Docker Hub's open upload model has enabled real cryptojacking and phishing campaigns — here's how attackers hide malware in images and how to detect them.

Jun 21, 20267 min read
Cloud Security

Container registries explained: Docker Hub vs private/ent...

Docker Hub vs. private/enterprise registries explained, with a look at where JFrog Artifactory fits — and why registry choice alone doesn't solve supply chain security.

May 31, 20268 min read
Incident Analysis

Docker Hub Exposed Secrets at Scale 2024

Researchers keep finding valid AWS, GitHub, and cloud credentials baked into public Docker Hub images. What the 2024 data shows and how to stop shipping secrets.

Mar 17, 20268 min read
Container Security

The 2019 Docker Hub Database Breach Exposing User Credent...

In April 2019, Docker Hub exposed 190,000 accounts' credentials and GitHub/Bitbucket tokens. Here's what happened, what leaked, and why it still matters for supply chain security.

Nov 19, 20257 min read
Container Security

Docker Hub malicious image report

Researchers estimate roughly 3% of public Docker Hub images carry malicious payloads. Here's what's inside them, how they spread, and how to defend your pipeline.

Nov 18, 20257 min read
Container Security

Top vulnerable base images on Docker Hub

A look at why Docker Hub's most-pulled base images still ship hundreds of known CVEs, and how reachability analysis cuts the noise down to what's actually exploitable.

Nov 18, 20257 min read
Container Security

Docker Hub typosquatting of official images

Attackers are cloning popular Docker Official Images under lookalike names, tricking `docker pull` into fetching malware instead of trusted base images.

Nov 17, 20257 min read
DevSecOps

Docker Hub Rate Limit Changes and CI Impact

Docker's 2024 rate-limit reforms hit CI pipelines hard. Measured impact on 30 real build farms and the mirror and pull-through controls that fixed it.

Oct 3, 20245 min read
Infrastructure Security

Rate Limiting in Package Registries: Balancing Security and Developer Experience

Docker Hub's rate limits broke builds worldwide. Rate limiting is necessary for registry security, but getting it wrong disrupts entire engineering organizations.

Jul 12, 20235 min read
docker-hub — Safeguard Blog