your pocket friend is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse.
If you don't, you can sign up here.
Backdoored images downloaded from DockerHub 5 million times https://arstechnica.com/information-technology/2018/06/backdoored-images-downloaded-5-million-times-finally-removed-from-docker-hub/ https://kromtech.com/blog/security-center/cryptojacking-invades-cloud-how-modern-containerization-trend-is-exploited-by-attackers
Malware installed through DockerHub can also escape the container, so may continue to run.
Friends don't let friends install unreproducible black box container images.
@cwebber Trying to explain supply chain attacks is not always the most successful conversation I can have
