Non-Human Identities Exposed in Docker Hub Container Images
Summary
Flare researchers discovered over 10,000 Docker Hub container images leaking production API keys, cloud tokens, CI/CD credentials, and AI model access tokens. These non-human identities (NHIs), which authenticate applications and automated services, often have broad privileges and indefinite lifespans. The exposures highlight systemic issues in credential governance and automated secret detection, with real-world incidents like the Snowflake breach and Home Depot's year-long exposure demonstrating the risks of unmanaged NHIs.
Timeline
- 04.02.2026 17:05 · 1 article
Flare Researchers Discover Over 10,000 Docker Hub Container Images Leaking Secrets
In late 2025, Flare researchers uncovered more than 10,000 Docker Hub container images leaking secrets, including production API keys, cloud tokens, CI/CD credentials, and AI model access tokens. These non-human identities (NHIs) often have broad privileges and indefinite lifespans, posing significant security risks. The exposures highlight systemic issues in credential governance and automated secret detection.
Sources:
- The Double-Edged Sword of Non-Human Identities — www.bleepingcomputer.com — 04.02.2026 17:05
Information Snippets
- Over 10,000 Docker Hub container images were found leaking secrets, including production API keys, cloud tokens, CI/CD credentials, and AI model access tokens.
First reported: 04.02.2026 17:05 (1 source, 1 article). Sources:
- The Double-Edged Sword of Non-Human Identities — www.bleepingcomputer.com — 04.02.2026 17:05
- Non-human identities (NHIs) authenticate applications, build pipelines, and automated services continuously, often with broad privileges and indefinite lifespans.
First reported: 04.02.2026 17:05 (1 source, 1 article). Sources:
- The Double-Edged Sword of Non-Human Identities — www.bleepingcomputer.com — 04.02.2026 17:05
- The Snowflake breach in 2024 compromised 165 organizations through leaked credentials, including API-like accounts and automation users.
First reported: 04.02.2026 17:05 (1 source, 1 article). Sources:
- The Double-Edged Sword of Non-Human Identities — www.bleepingcomputer.com — 04.02.2026 17:05
- Home Depot's internal systems remained accessible for over a year due to a single leaked GitHub access token.
First reported: 04.02.2026 17:05 (1 source, 1 article). Sources:
- The Double-Edged Sword of Non-Human Identities — www.bleepingcomputer.com — 04.02.2026 17:05
- The Red Hat GitLab breach in October 2025 resulted in the exfiltration of tens of thousands of private repositories and hundreds of Customer Engagement Reports (CERs).
First reported: 04.02.2026 17:05 (1 source, 1 article). Sources:
- The Double-Edged Sword of Non-Human Identities — www.bleepingcomputer.com — 04.02.2026 17:05
- The leaked secrets included AI API keys, cloud secrets, database credentials, JWT tokens, SMTP keys, and payment gateway keys.
First reported: 04.02.2026 17:05 (1 source, 1 article). Sources:
- The Double-Edged Sword of Non-Human Identities — www.bleepingcomputer.com — 04.02.2026 17:05