CPU_HU: Fileless cryptominer targeting exposed PostgreSQL with over 1.5K victims
Cloud environments at risk: Attackers target weak PostgreSQL instances with fileless cryptominer payloads.
Cloud environments at risk: Attackers target weak PostgreSQL instances with fileless cryptominer payloads.
Over 40% of cloud environments are vulnerable to RCE, likely leading to a complete cluster takeover.
Learn how AWS VPC Endpoint CloudTrail logs can help you troubleshoot endpoint policies and strengthen your network's security against data exfiltration.
A supply chain attack on tj-actions/changed-files caused many repositories to leak their secrets over the weekend. Wiz Research has discovered an additional supply chain attack on reviewdog/actions-setup@v1, that may have contributed to the compromise of tj-actions/changed-files.
A supply chain attack on popular GitHub Action tj-actions/changed-files caused many repositories to leak their secrets. Discover how it unfolded and the steps to mitigate the risk.
From DeepSeek adoption to impact on security and governance.
Explore the key insights on code and cloud security risks shaping 2025.
Technical details on a critical severity vulnerability (CVE-2024-0132) in NVIDIA Container Toolkit and GPU Operator, affecting cloud service providers .
A publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log streams with highly sensitive information.
From rapid-fire attack attempts to evolving defense strategies, our Kubernetes Security Report paints a vivid picture of a dynamic landscape. Check out the preview here.
Discover how behavioral cloud IOCs can expose malicious activity as we break down real-world examples to reveal actionable detection techniques.
The Wiz Incident Response team is currently responding to multiple incidents involving CVE-2024-50603, an Aviatrix Controller unauthenticated RCE vulnerability, that can lead to privileges escalation in the AWS control plane. Organizations should patch urgently.