Would You Click ‘Accept’? Automatically detecting malicious Azure OAuth applications using LLMs
How Wiz Research automates detection of emerging malicious Azure app and consent phishing campaigns.
Shahar Dorfman
Shahar is a threat intelligence researcher at Wiz, where she focuses on identifying and analyzing emerging cyber threats to enhance security defenses. Prior to joining Wiz, she served in the Israeli Army's Intelligence Directorate.
Posts Shahar Dorfman
Defending against database ransomware attacks
How attackers exploit exposed databases for extortion—and the defenses that work.
Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload
Wiz Research has identified a new iteration of a broader malicious cryptomining campaign, which we’ve dubbed Soco404.
Ivanti EPMM RCE Vulnerability Chain Exploited in the Wild
Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-4427 and CVE-2025-4428, the latest vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).
Unmasking Phishing: Strategies for identifying 0ktapus domains and beyond
Wiz Research looks at phishing tactics, along with how to trace and investigate these campaigns.