Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware
Detect and mitigate a critical supply chain compromise affecting over 100+ packages, organizations should act urgently.
#Threat Intel
Widespread npm Supply Chain Attack: Breaking Down Impact & Scope Across Debug, Chalk, and Beyond
A deeper look at the npm debug/chalk supply-chain incident: deobfuscating the wallet-hijacking browser interceptor, quantifying the ~2-hour exposure with Wiz telemetry (~99% package prevalence, ~10% malware presence), and unpacking what made it spread so fast.
From Compromised Keys to Phishing Campaigns: Inside a Cloud Email Service Takeover
Exposed cloud credentials become the launchpad for mass phishing, highlighting email services as a prime target in cloud exploitation campaigns.
s1ngularity's Aftermath: AI, TTPs, and Impact in the Nx Supply Chain Attack
A deeper look at the Nx supply chain attack: analyzing the performance of AI-powered malware, calculating incident impact, and sharing novel TTPs for further investigation.
s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know
Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently.
TraderTraitor: Deep Dive
Inside the Lazarus subgroup that’s hijacking cloud platforms, poisoning supply chains, and stealing billions in digital assets.
Critical vulnerabilities in NetScaler ADC exploited in-the-wild: everything you need to know
Detect and mitigate CVE-2025-5349, CVE-2025-5777, and CVE-2025-6543, Citrix Netscaler ADC and Gateway vulnerabilities being exploited in the wild. Organizations should patch urgently.
Cloud Attacks Retrospective: Evolving Tactics, Familiar Entry Points
Let's break down eight attack patterns security teams should be watching in 2025.
What Analyzing Hundreds of Thousands of Cloud Environments Taught Us About Data Exposure
Wiz Research reveals the latest cloud data security trends across hundreds of thousands of real-world environments.
2025 State of Code Security: Key Trends and Risks
Explore the key insights on code and cloud security risks shaping 2025.
Securing the Container Frontier: Kubernetes Trends Report 2025
From rapid-fire attack attempts to evolving defense strategies, our Kubernetes Security Report paints a vivid picture of a dynamic landscape. Check out the preview here.
Wiz observes exploitation in the wild of PAN-OS vulnerabilities
Detect and mitigate CVE-2024-0012 and CVE-2024-9474, PAN-OS vulnerabilities which Wiz Threat Research has observed being exploited in-the-wild. Organizations should patch urgently.