"Adversaries utilize the Container CLI/API technique to manipulate containers for a variety of malicious purposes, taking advantage of their inherent flexibility and, at times, insufficiently secured configurations."

T1059.013 Container CLI/API in MITRE ATT&CK Explained by Sıla Özeren Hacıoğlu via Picus Security from March 15, 2026 https://cybersec.picussecurity.com/s/t1059-013-container-cli-api-in-mitre-att-ck-explained-26385