Wiz

Cloud Security Podcast & Newsletter by Cloudsec Pros, for Cloudsec Pros

SpotifyListen onSpotifyApple PodcastsListen onApple Podcasts
Latest episode

AI Double Agents to Blame, Scattered Spider Pivots to Planes

🎙️ Scattered Spider's new target? Airlines. Cloud vulns, help desk hacks & AI agent dangers—broken down by Eden & Amitai

Omer Mosheiov
Listen now

Latest episodes

Pyramid of Pain, PEAK, and Bagpipes with David Bianco

New ep: David Bianco (Splunk) on threat intel, Pyramid of Pain & what great threat hunters really do.

Omer Mosheiov
Listen now

AI-powered Security, Shared Fate, and an Archery Lesson with Dr. Anton Chuvakin

New drop: Dr. Anton Chuvakin (Google Cloud) on AI in security, broken SOCs & why cloud appliances fail.

Omer Mosheiov
Listen now

UK Retail Breaches, SAP 0day, and CVE Troubles

From ransomware to CVEs—get the latest cloud security scoop with Amitai Cohen & Eden Naftali in this week's top stories!

Omer Mosheiov
Listen now

Bug Bounty Secrets, Hacker Communities, and a Hit of Volleyball with Justin Gardner

🎙️ Bug bounty secrets with Justin Gardner, guest on Crying Out Cloud with hosts Eden & Amitai! 🚨

Omer Mosheiov
Listen now

Quadruple Supply Chain Attack, IngressNightmare Exploited, and Rumors Abound

Catch up on GitHub attacks, IngressNightmare updates & Oracle breach buzz with Rami McCarthy on Crying Out Cloud!

Omer Mosheiov
Listen now

Ingress Nightmare: How a Single Request Could Take Over Your K8s Cluster

🎙️ All you need to know on our latest discovery #IngressNightmare 🚨 Unauth RCE, K8s risks & more with Nir Ohfeld.

Omer Mosheiov
Listen now

Crying Out Cloud is also a newsletter!

Stay Safe & Informed: Receive the Latest Cloud Security News, Real Attack Insights, and Expert Guidance to Protect Your Environment.

22

Wiz Research uncovered a cryptojacking campaign exploiting misconfigured DevOps tools, along with major new vulns in SugarCRM, NetScaler, Sitecore, and Teleport. Plus: Langflow and Open WebUI are under active attack. Get the full scoop in this month’s Crying Out Cloud.

#CryptoJacking#DevOpsExploits
21

This month in cloud security: from zero-day exploits in Ivanti and Commvault to critical vulnerabilities in LangFlow, Azure, and Grafana. Plus, coordinated retail attacks, RedisRaider cryptojacking, and SonicWall exploitation. Tune into Crying Out Cloud for all the insights.

#LangFlowRCE#IvantiZeroDay
20

Welcome back! This month’s cloud security roundup covers critical CVEs, including a CVSS 10.0 in Erlang/OTP, a deserialization bug in Apache Parquet, and active campaigns like Atlas Lion and CrushFTP exploits. Stay informed and secure with the latest updates from Wiz.

#ErlangSSHExploit#ParquetDeserializationRCE
19

Welcome back! This edition dives into the latest in cloud security: RCE in Apache Tomcat, a quadruple GitHub supply chain attack, Kubernetes IngressNightmare, and stealthy PostgreSQL cryptojacking. Plus, high-profile exploits in VMware and Next.js. Tune in for key takeaways and expert insights.

#Apache Tomcat RCE#GitHub Supply Chain Attack

Sign up to receive the latest updates in cloud security directly to your inbox

For information about how Wiz handles your personal data, please see our Privacy Policy.