Introducing SITF: The First Threat Framework Dedicated to SDLC Infrastructure
Moving beyond simple checklists to visualize, map, and block attacks on production SDLC infrastructure.
#Research
Agentic Browser Security: 2025 Year-End Review
Are agentic browsers the new Flash? A 2025 review of new attacks, vendor security layers, and a roadmap for navigating AI browser risks.
CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild
Wiz Research discovered a critical supply chain vulnerability that abused a CodeBuild misconfiguration to take over key AWS GitHub repositories - including the JavaScript SDK powering the AWS Console.
Preparing for Post-Quantum Cryptography
Learn what you can do today to prepare for Q-Day
Snipping the Long Tail of Shai-Hulud 2.0
Wiz Research reveals the data behind Shai-Hulud's 2.0 long tail, the massive gap in cloud credential rotation, a potential link to the Trust Wallet incident, and how we finally "snipped the tail" on a month of ongoing infections.
MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know
Detect and mitigate CVE-2025-14847, an unauthenticated information leak vulnerability in MongoDB. Exploitation has been observed in the wild. Organizations should patch urgently.
Zero‑Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025, with a Record High of CVEs in Critical Cloud Infra
ZDC awarded hackers $320,000 and uncovered a record‑breaking tally of critical CVEs for core cloud infrastructure, underscoring the scale and urgency of securing the open‑source software that underpins the modern cloud.
Gogs 0-Day Exploited in the Wild
Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-8110
Code to Cloud Attacks: From Github PAT to Cloud Control Plane
How attackers are leveraging compromised employee GitHub Personal Access Tokens to compromise cloud environments.
Top AWS re:Invent Announcements for Security Teams in 2025
The re:Invent announcements that are most impactful to security teams.
React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182
We break down the exploit mechanics and detail active in-the-wild attacks observed by our team, from credential harvesting to sophisticated cloud backdoors.
React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability
Detect and mitigate React2Shell (CVE-2025-55182), critical RCE vulnerability in React and Next.js exploited in the wild. Organizations should patch urgently.