#Security

Top AWS re:Invent Announcements for Security Teams in 2025

Scott Piper

dezembro 8, 2025

The re:Invent announcements that are most impactful to security teams.

React2Shell (CVE-2025-55182): Everything You Need to Know About the Critical React Vulnerability

Gili Tikochinski, Merav Bar, Danielle Aminov

dezembro 3, 2025

Detect and mitigate React2Shell (CVE-2025-55182), critical RCE vulnerability in React and Next.js exploited in the wild. Organizations should patch urgently.

Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact

Shay Berkovich, Rami McCarthy

dezembro 1, 2025

A deeper look at the Shai-Hulud 2.0 supply chain attack: reviewing the infection spread, victimology, leaked secrets distribution, and community response so far.

3 OAuth TTPs Seen This Month — and How to Detect Them with Entra ID Logs

Sapir Federovsky

novembro 27, 2025

How OAuth tokens, JWT fields and Entra sign-in logs reveal attacker behavior, and how to turn those signals into reliable detections.

Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets

Hila Ramati, Merav Bar, Gal Benmocha, Gili Tikochinski

novembro 24, 2025

Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign. Over 25,000 affected repositories across ~350 unique users.

When AI Becomes the Heart of Security: Powering a Future You Can Trust

Wiz Team

novembro 4, 2025

Helping teams see clearly, decide wisely, and move safely.

Securing Critical Infrastructure in the Cloud Era: A Policy and Technology Blueprint

Jennifer Thibodeau

outubro 30, 2025

Why Securing Critical Infrastructure Requires a Modern Approach

How CISOs Should Plan Security Budgets for 2026

Wiz Team

outubro 29, 2025

Build a defensible 2026 security budget with data, not guesswork. We share practical tips, ROI levers, and fresh insights from our survey of 300+ CISOs and security leaders.