AT

AttackTrace

Browse techniquesThreat activityBrowse ATLASSearch
ATLASAML.T0010.004
ATLAS index
AML.T0010.004

Container Registry

An adversary may compromise a victim's container registry by pushing a manipulated container image and overwriting an existing container name and/or tag. Users of the container registry as well as automated CI/CD pipelines may pull the adversary's container image, compromising their AI Supply Chain. This can affect dev

Framework
MITRE ATLAS
Maturity
Demonstrated
Platforms
Predictive AI, Generative AI, Agentic AI
Release
2026.05

Overview

An adversary may compromise a victim's container registry by pushing a manipulated container image and overwriting an existing container name and/or tag. Users of the container registry as well as automated CI/CD pipelines may pull the adversary's container image, compromising their AI Supply Chain. This can affect development and deployment environments.

Container images may include AI models, so the compromised image could have an AI model which was manipulated by the adversary (See Manipulate AI Model).

Sources

  1. MITRE ATLAS AML.T0010.004: Container Registry — MITRE