Featured
From Compromised Keys to Phishing Campaigns: Inside a Cloud Email Service Takeover
Exposed cloud credentials become the launchpad for mass phishing, highlighting email services as a prime target in cloud exploitation campaigns.
Blog
s1ngularity's Aftermath: AI, TTPs, and Impact in the Nx Supply Chain Attack
A deeper look at the Nx supply chain attack: analyzing the performance of AI-powered malware, calculating incident impact, and sharing novel TTPs for further investigation.
s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know
Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently.
Secrets Found. Owners Identified. Issues Fixed.
Wiz closes the loop on exposed secrets with blast radius context, ownership intelligence, and actionable, AI-powered fixes.
Unpacking the 2025 Gartner Market Guide for CNAPP
From siloed tools to a unified platform: Key takeaways from Gartner's new CNAPP report.
A new type of long-lived key on AWS: Bedrock API keys
New AWS Bedrock keys simplify authentication while raising security considerations.
Build to Runtime, Covered: A New Standard for Container Image Visibility
Wiz’s reimagined container image page gives teams complete visibility, smarter prioritization, and faster remediation, from code to runtime.
Wiz Completes IRAP Assessment to Support Australian Government Cloud Security
Empowering Australian government agencies with enhanced cloud security
Inside Grammarly’s AI-driven automation with the MCP Server for Wiz
Meet the system that cut manual triage times by 90% and enables engineers to focus on strategic thinking.
What Security Should Look Like When Built for Developers
Security tools should support the way developers actually work. Here’s how we’re reimagining what that looks like.
From Cloud to Hybrid: 360° Runtime Protection, Anywhere You Run
Wiz Sensor Workload Scanner brings runtime visibility and context to hybrid environments—cloud, on-prem, and edge—all in a single platform.
Introducing Wiz for Exposure Management: Unify, Prioritize, and Remediate Exposures Everywhere
Stop chasing CVEs with new UVM and Sensor Workload Scanner capabilities. Remove silos to effectively prioritize and reduce exposures across cloud, code, and on-prem.
Breaking NVIDIA Triton: CVE-2025-23319 - A Vulnerability Chain Leading to AI Server Takeover
Wiz Research discovers a critical vulnerability chain allowing unauthenticated attackers to take over NVIDIA's Triton Inference Server.
The insider’s guide to Black Hat 2025
Cut through 100+ talks to find what matters: AI vulnerabilities, cloud attacks, and where to grab drinks.
Wiz boosts cloud security in Canada with new Calgary data center
Powering secure innovation across Canada with a second local data center.
Celebrating 200 WINtegrations—and the Partners Who Make It Possible
200 integrations strong: How our open ecosystem is redefining cloud security collaboration.
Wiz Research Uncovers Critical Vulnerability in AI Vibe Coding platform Base44 Allowing Unauthorized Access to Private Applications
New discovery underscores security implications of AI-powered development and the rise of Vibe Coding Platforms
TraderTraitor: Deep Dive
Inside the Lazarus subgroup that’s hijacking cloud platforms, poisoning supply chains, and stealing billions in digital assets.
What the U.S. AI Action Plan Means For Cyber Defenders
In the race to lead in AI, the U.S. is prioritizing rapid innovation and national security.
Operationalizing Cloud Security: How PwC and Wiz Help Turn Risk into Resilience
PwC leverages Wiz to empower secure cloud transformation—bridging strategy, visibility, and execution.
Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload
Wiz Research has identified a new iteration of a broader malicious cryptomining campaign, which we’ve dubbed Soco404.
SharePoint Vulnerabilities (CVE-2025-53770 & CVE-2025-53771): Everything You Need to Know
Detect and mitigate CVE-2025-53770 and CVE-2025-53771 - critical vulnerabilities in Microsoft SharePoint Server currently under active exploitation.
NVIDIAScape - Critical NVIDIA AI Vulnerability: A Three-Line Container Escape in NVIDIA Container Toolkit (CVE-2025-23266)
New critical vulnerability with 9.0 CVSS presents systemic risk to the AI ecosystem, carries widespread implications for AI infrastructure.
Wiz MCP Server Now Available in the new AWS Marketplace AI Agents and Tools category
Improve security posture and remediate risks faster using natural language workflows.
Wiz Recognized as a 2025 Customers’ Choice in Gartner® Peer Insights™ report
What our customers say: Wiz named as a Gartner Customers’ Choice for CSPM