In this article, I will share a fun fact with you. By default an Azure reader account is allowed to pull all the images from the Azure Container Registry. Next step will be to find sensitive credentials, tokens directly hardcoded in the container images!