You can do anything with regex
Detect and mitigate CVE-2025-14847, an unauthenticated information leak vulnerability in MongoDB. Exploitation has been observed in the wild. Organizations should patch urgently.
Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-8110
We break down the exploit mechanics and detail active in-the-wild attacks observed by our team, from credential harvesting to sophisticated cloud backdoors.
Detect and mitigate React2Shell (CVE-2025-55182), critical RCE vulnerability in React and Next.js exploited in the wild. Organizations should patch urgently.
Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign. Over 25,000 affected repositories across ~350 unique users.
When common processes start asking the wrong questions
Exploring how simple setup flaws become open doors for attackers—and what teams can do to shut them.
Understanding the risks and impact of deploying dev-mode in production environments
The Wiz Threat Research team has identified a widespread cryptojacking campaign targeting commonly used DevOps applications including Nomad and Consul.
Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-4427 and CVE-2025-4428, the latest vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).
Cloud environments at risk: Attackers target weak PostgreSQL instances with fileless cryptominer payloads.
Discover how behavioral cloud IOCs can expose malicious activity as we break down real-world examples to reveal actionable detection techniques.
The Wiz Incident Response team is currently responding to multiple incidents involving CVE-2024-50603, an Aviatrix Controller unauthenticated RCE vulnerability, that can lead to privileges escalation in the AWS control plane. Organizations should patch urgently.
Wiz Threat Research uncovered a new malware campaign targeting Linux environments attributed to the Diicot threat group.
Detect and mitigate critical vulnerabilities (CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, CVE-2024-9467) in Palo Alto Networks’ Expedition tool. Organizations should patch urgently.
Wiz Threat Research recently spotted a new phishing campaign targeting AWS accounts.
Wiz is expanding our existing detection capabilities to include pattern-based malware detection using YARA rules written by the Wiz Research team
Wiz researchers discover ongoing threat to popular testing framework.
Detect and mitigate CVE-2024-6387, a remote code execution vulnerability in OpenSSH. Organizations are advised to patch urgently.
Learn how the threat actors behind the 2023 DERO cryptojacking campaign have adapted their techniques to evade detection, and the best practices for mitigation.
Detect and mitigate CVE-2024-4040, a critical vulnerability in CrushFTP exploited in the wild. Organizations should patch urgently.
Detect and mitigate CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), authentication bypass vulnerabilities in JetBrains TeamCity.
