Cybersecurity researchers uncovered multiple campaigns targeting Docker Hub over the past 5 years by planting 4 million malicious 'imageless' containers; disguised as repositories, these landing pages redirect users to phishing or malware-hosting websites, with 3.2 million used in broad campaigns including a Downloader campaign luring users with pirated content links leading to malicious sources, E-book phishing redirecting users to fake e-book sites to steal financial info, and a Website cluster campaign with unclear goals; security researchers emphasize the challenge in protecting against such attacks and the importance of cautious downloading from open-source repositories to avoid malware playgrounds with threat actors exploiting such vulnerabilities to deceive victims. ```
https://thehackernews.com/2024/04/millions-of-malicious-imageless.html