Docker syslog container - Autostarting randomly

Hi, I need a clarification regarding a docker situation.

Background Info:
I have a few docker containers running in a server with an own private docker repository.
I also have watchtower container to update all the images automatically and a portainer container to monitor them all.
Everything is running fine for a few months.

Problem:
Sometimes there is a new container with a random name from the image “syslog2:latest” that automatically starts during midnight and keeps running.
The logs of this conatiner are more strange. Few lines from the logs:

30
30
knock
0
0
http://54.39.10.60:8087//bots/knock?worker=Universal&os=Linux&version=1.1
0
0
0

Everytime I delete this container, it reappears after some days randomly.

I wish to know if this is some sort of serious security vulnerability or just a bug.

Any suggestion is welcome. Thanks in advance…