Featured
Gogs 0-Day Exploited in the Wild
Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-8110
Blog
Code to Cloud Attacks: From Github PAT to Cloud Control Plane
How attackers are leveraging compromised employee GitHub Personal Access Tokens to compromise cloud environments.
Top AWS re:Invent Announcements for Security Teams in 2025
The re:Invent announcements that are most impactful to security teams.
React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182
We break down the exploit mechanics and detail active in-the-wild attacks observed by our team, from credential harvesting to sophisticated cloud backdoors.
React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
Detect and mitigate React2Shell (CVE-2025-55182), critical RCE vulnerability in React and Next.js exploited in the wild. Organizations should patch urgently.
Wiz Product Announcements at re:Invent 2025: Expanding Visibility from Code to Cloud
Check out new product releases that help security and engineers work together to keep cloud environments secure
Introducing Wiz SAST: Where Code Risk Meets Cloud Context
Modern code runs in complex and distributed cloud environments. Wiz SAST meets this complexity by correlating code flaws with real cloud context–including where workloads run, what they can access, and how exposed they are.
Wiz Becomes Fastest Security ISV to Reach $1 Billion in AWS Marketplace Lifetime Sales
A milestone fueled by customer trust and a partnership built for scale.
It's Here! Wiz Exposure Management is Now GA
Moving beyond CVE counts to true exposure management everywhere with new UVM and ASM capabilities, now GA
Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact
A deeper look at the Shai-Hulud 2.0 supply chain attack: reviewing the infection spread, victimology, leaked secrets distribution, and community response so far.
Service Catalog is Here: Expand Risk Visibility for Your Service and Its Dependencies, Simplify Issue Ownership
Give security and developers a shared view of cloud risk, aligned to the way applications are built and maintained.
WizOS: Powering Secured Image Adoption with AI
WizOS is now GA to help every organization reduce CVEs and build on a trusted foundation.
3 OAuth TTPs Seen This Month — and How to Detect Them with Entra ID Logs
How OAuth tokens, JWT fields and Entra sign-in logs reveal attacker behavior, and how to turn those signals into reliable detections.
Mastering Software Governance with Hosted Technologies Inventory
Gain visibility into every technology in your environment and eliminate governance gaps.
Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets
Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign. Over 25,000 affected repositories across ~350 unique users.
Get Certified on Wiz Defend for Threat Detection and Response
Wiz Defend Certification validates skills in cloud threat detection and response for SOC, IT, and security professionals.
Blueprint for Security: A Guide to Code, Governance, and Response Frameworks
Building a Foundation for Security and Compliance
Google Unified Security Recommended Program Names Wiz Among First 3 Strategic Partners
Inaugural partner program reflects commitment to building an open, unified future for security.
Introducing Posture Issues: Transform Security Findings into Actionable Outcomes
Streamline Security Backlogs by Grouping Vulnerabilities, Secrets, and Data Findings into Posture Issues
Empower and Accelerate Your SOC with the Wiz SecOps AI Agent
Meet the SecOps AI Agent: AI-powered threat triage built on the Wiz platform. Investigate every threat with speed and transparency
Exposure Report: 65% of Leading AI Companies Found with Verified Secret Leaks
How secure are top private AI companies? Find out from our scans and disclosures.
Wizdom 2025 Product Announcements: Extending the Cloud Operating Model
At Wizdom 2025, we’re unveiling two new AI agents alongside new product innovations that deepen and extend the graph across SaaS, workloads, AI infrastructure, and external exposures. Together, these advances enable teams to secure everything they build and run in the cloud and beyond.
When AI Becomes the Heart of Security: Powering a Future You Can Trust
Helping teams see clearly, decide wisely, and move safely.
AI-Powered Wiz: From Agents to Everyday Intelligence
How Wiz AI Agents and Integrations Meet You Where You Work
Defend Agentless Workload Detection: Bringing Visibility to Blind Spots in Threat Detection
Providing unconditional visibility into your environment