Postgres Docker Container Hijacked by XMR Miner — Agent Security PSA

@sibunting's dev box was compromised when an agent spun up pgvector with default settings (port bound to 0.0.0.0 + POSTGRES_HOST_AUTH_METHOD: trust). Attacker used COPY FROM PROGRAM to drop a Monero miner for ~10 hours.…