Containers on fire: from container escapes to supply chain attacks

This report surveys the primary attack vectors targeting containerized environments — including kernel/runtime vulnerabilities, malicious containers, container escapes via excessive capabilities, misconfigured orchestration APIs, and supply-chain/CI-CD compromises — and illustrates each with real CVEs and practical examples of exploitation and persistence techniques.