s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know
Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently.
#Security
A new type of long-lived key on AWS: Bedrock API keys
New AWS Bedrock keys simplify authentication while raising security considerations.
TraderTraitor: Deep Dive
Inside the Lazarus subgroup that’s hijacking cloud platforms, poisoning supply chains, and stealing billions in digital assets.
What the U.S. AI Action Plan Means For Cyber Defenders
In the race to lead in AI, the U.S. is prioritizing rapid innovation and national security.
SharePoint Vulnerabilities (CVE-2025-53770 & CVE-2025-53771): Everything You Need to Know
Detect and mitigate CVE-2025-53770 and CVE-2025-53771 - critical vulnerabilities in Microsoft SharePoint Server currently under active exploitation.
Exposed JDWP Exploited in the Wild: What Happens When Debug Ports Are Left Open
Understanding the risks and impact of deploying dev-mode in production environments
Leaking Secrets in the Age of AI
How has AI-assisted development impacted secrets leakage? Learn the new patterns and emerging trends.
AI Is Everywhere—But Security Teams Are Still Catching Up
Insights from 96 organizations on the state of AI security in the cloud.
Lean and Mean: How We Fine-Tuned a Small Language Model for Secret Detection in Code
Building an efficient small language model for cybersecurity, from data prep to deployment
Rules Files for Safer Vibe Coding
Helping LLMs generate safer and more secure code through open-sourced rules files.
DevOps Tools Targeted for Cryptojacking
The Wiz Threat Research team has identified a widespread cryptojacking campaign targeting commonly used DevOps applications including Nomad and Consul.
The ROI of DSPM: Why Data Security Posture Management Is a Business Imperative
See how Data Security Posture Management (DSPM) delivers measurable impact across risk reduction, compliance, and operational efficiency.