Malicious Kong Ingress Controller Image Found on DockerHub

A critical security breach occurred when a malicious Kong Ingress Controller image was uploaded to DockerHub, containing cryptojacking code. The Kong team quickly removed the compromised image and released a patched version, but users who deployed version 3.4.0 between December 22nd and January 3rd must take immediate action to remove the vulnerable image and replace it with a clean version. This incident highlights the importance of software supply chain security and the need for organizations to employ image integrity verification mechanisms and conduct regular security audits.