Detect and mitigate Copy Fail (CVE-2026-31431), an easily exploitable vulnerability in the Linux kernel that allows escalation from an unprivileged local user account to root access.
When AI meets CI/CD: permission bypasses, prompt injection, and what to do about it.
How AI Adoption, Autonomy, and Attacker Innovation Are Reshaping Cloud Security
Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign - Mini Shai Hulud.
How Wiz enables Australian government agencies to operationalise MDA with real-time context, zero trust enforcement, and end-to-end cloud visibility.
Compromised Context.ai OAuth tokens enabled attackers to perform a supply chain attack via trusted SaaS integrations. Learn how to assess the risk in your environment and how to prevent the next attack.
Build resilient GitHub Actions workflows with lessons from recent attacks like TeamPCP and Axios.
Understanding and defending your GitHub Actions - from threat model to security controls.
Insights from public incidents, cloud telemetry, and investigations into how cloud risk evolved in 2025
This post will look at the past 20 years of cloud security research, separating the two decades into eras with important milestones defined that resulted in the change of one era to the next.
A look back at the cloud security investigations and vulnerabilities that defined the year, from AI breakthroughs to supply chain shifts.
Wiz Research reveals the data behind Shai-Hulud's 2.0 long tail, the massive gap in cloud credential rotation, a potential link to the Trust Wallet incident, and how we finally "snipped the tail" on a month of ongoing infections.
