ニュースルーム

"A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the cybersecurity world with its insidious threat of turning any innocent application into a dangerous foothold in a victim’s network. ..."

"The new wave of Mini Shai-Hulud campaign unearthed in the wild is proof that software supply chain poisoning is quickly becoming the repeat hit of 2026. ..."

"Fresh kernel flaw comes with public exploit code and continues ugly run of highly reliable privilege escalation bugs tied to memory and page-cache handling..."

"On May 12, Wiz Cloud Japan held a press briefing on cyberattack trends in the AI ​​era and new cloud security risks. ..."

"Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs, some over 20 years old, have now been patched...."

"When it comes to securing enterprise supply chains, now heavily infused with AI applications and agents, a software bill of materials (SBOM) no longer provides a complete inventory of all the components in the environment. Enter AI-BOMs...."

" Wiz Research used AI models to uncover a vulnerability in GitHub’s internal git infrastructure that could have allowed attackers to access millions of public and private code repositories...."

"A new report out today from Wiz finds that artificial intelligence has shifted from experimental tooling to default cloud infrastructure, with 81% of observed environments running managed AI services and 90% running self-hosted AI software...."

"With Wiz and AI agents, Google is gearing up for a cyberwar where machines fight at speeds humans can't match...."

"Six insights from Wiz co-founder and CTO Ami Luttwak on hiring, speed, branding, and scaling globally...."

"Wiz recently announced the launch of its new AI Application Protection Platform, which is aimed at providing “end-to-end” security for AI applications, the Google-owned company said...."

"Sophisticated cyberattacks targeting a variety of open source projects, including the Trivy security-scanner project, the widely used Axios Javascript package, as well as Anthropic's accidental publishing of source code for its flagship Claude Code — all in a 10-day period — underscore the risks posed to software supply chains...."

"“We now believe the new models are essentially the best cybersecurity researchers in the world, and that’s a problem,” Luttwak said, because it means hackers could use the models’ capabilities to find and exploit vulnerabilities...."

"Cybersecurity risks are becoming more complex as AI adoption outpaces governance, leaders said at an Expert Voices roundtable last week...."

"Suspected North Korean hackers have bugged a software package that has been used by thousands of US companies in a major supply-chain attack that could take months to recover from, security experts said Tuesday...."

"Wiz's Ami Luttwak on AI-built apps bypassing authentication, exposing customer data..."

"TeamPCP hackers tell Forbes that AI helped them launch a devastating spree of attacks. But they wouldn’t have succeeded if developers’ security hadn’t been so weak in the first place...."

"Google has officially acquired cybersecurity firm Wiz for $32 billion in cash, a full year after the companies announced the deal. This marks Google’s biggest acquisition in its history...."

"After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities...."

"Wiz has continued to expand its platform with updates including the launch of its Model Context Protocol (MCP) Server. ..."

"AI agents are increasingly seen as a way to reinforce the capabilities of cybersecurity teams — but which can do the best job? Wiz has developed a benchmark suite of 257 real-world challenges spanning five offensive domains: zero-day discovery, CVE (code vulnerability) detection, API security, web security, and cloud security to find out...."

"In the new episode of Handelsblatt Disrupt, technology reporter Larissa Holzki spoke with the entrepreneur about three new cyber threats in the AI ​​age..."

"Moltbook exposed private data of over 6,000 users, Wiz reports..."

"Wiz and Irregular recently completed a joint study on the true economics of AI-driven cyberattacks. ..."

"The CodeBuild CI/CD misconfiguration—which was discovered by Wiz researchers and quickly remediated by AWS—could have put a vast number of AWS customer environments at risk and should serve as an ‘alarm bell’ for the cybersecurity industry, Wiz CTO Ami Luttwak tells CRN...."