After if began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces.