RE: @lobsters@mastodon.social

This, kids, is why when relying on containers, we should ensure that (at least):
1. Their filesystem is READONLY (example: if you are using Python, generate your .pyc files when creating your OCI image, not at runtime)
2. They run under a non-privileged user

And, at the host & network levels:
3. The private network is properly segmented.
4. We have firewall rules to control outgoing traffic and traffic between subnets.

This is not paranoia nor overengineering; shit happens, so we ought to be careful.
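As an added example (not code from the post), the following Python audits constructed Kubernetes manifests for points 1, 2 and 4 above: a read-only root filesystem and a non-root user per container, and a default-deny egress NetworkPolicy in the namespace. The manifests, names and UIDs are made up for the demonstration; point 3 (segmenting the private network) lives outside the cluster and is not checked here.

```python
"""Audit constructed Kubernetes manifests for the hardening points above."""
from typing import Any, Dict, List

# Constructed sample manifests, not taken from any real cluster.
WEAK_POD = {"spec": {"containers": [{"name": "web", "image": "example/web"}]}}
HARDENED_POD = {"spec": {
    "securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
    "containers": [{"name": "web", "image": "example/web",
                    "securityContext": {"readOnlyRootFilesystem": True}}]}}
DENY_EGRESS_POLICY = {"metadata": {"name": "default-deny-egress", "namespace": "app"},
                      "spec": {"podSelector": {}, "policyTypes": ["Egress"]}}


def audit_pod(pod: Dict[str, Any]) -> List[str]:
    """Points 1 and 2: read-only root filesystem and non-root user per container."""
    findings: List[str] = []
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext", {})
    for c in spec.get("containers", []):
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext", {})
        if not sc.get("readOnlyRootFilesystem", False):
            findings.append(f"{name}: root filesystem is writable")
        # Container-level settings override pod-level ones; root is UID 0.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False))
        uid = sc.get("runAsUser", pod_sc.get("runAsUser"))
        if not non_root and uid in (None, 0):
            findings.append(f"{name}: may run as root")
    return findings


def audit_egress(policies: List[Dict[str, Any]], namespace: str) -> List[str]:
    """Point 4: require a default-deny egress NetworkPolicy in the namespace.

    An empty podSelector selects every pod; listing Egress in policyTypes with
    no egress rules denies all outbound traffic until other policies allow it.
    """
    for p in policies:
        if p.get("metadata", {}).get("namespace") != namespace:
            continue
        spec = p.get("spec", {})
        if (spec.get("podSelector") == {} and "Egress" in spec.get("policyTypes", [])
                and not spec.get("egress")):
            return []
    return [f"{namespace}: no default-deny egress NetworkPolicy"]


if __name__ == "__main__":
    for label, pod in (("weak", WEAK_POD), ("hardened", HARDENED_POD)):
        print(label, audit_pod(pod) or ["ok"])
    print(audit_egress([DENY_EGRESS_POLICY], "app") or ["ok"])
```

With a default-deny egress policy in place, DNS and any legitimate outbound destinations must be re-allowed by narrower policies, which is exactly the "control outgoing traffic" step the post asks for.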