Lucene search
K
WizblogRecent

645 matches found

Wiz blog
Wiz blog
added 5 days ago8 views

Build AI Security Agents with Wiz MCP

Power AI-driven security with trusted security context, Wiz AI Agents, and Wiz AI Skills...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 5 days ago8 views

Breaking Down the White House’s Actions on Post-Quantum Cryptography Readiness

The U.S. Federal Migration to PQC Just Got Real...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/30 5:50 p.m.10 views

Start Secure in the AI Era: Accelerating AI Threat Readiness with WizOS

As the time from vulnerability discovery to exploitation shrinks, building with minimal, secured components is more important than ever. Here is how WizOS helps...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/29 1:39 p.m.10 views

Bridging the Visibility Gap: A Unified Security Operating Model for Hybrid Cloud Teams

Move beyond chasing vulnerabilities to a unified hybrid risk strategy. The Sensor Workload Scanner is now GA and extends our risk prioritization engine to on-premise environments to identify the critical attack paths across your hybrid cloud...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/29 11:0 a.m.10 views

The Borderless Attack Surface: Securing Public Sector Hybrid Environments

Aligning Modern CNAPP Telemetry with realistic risk assessments to drive agency efficiency through cross-team collaboration...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/29 9:31 a.m.11 views

The Red Agent POV: Exploiting Broken Object-Level Authorization in an Airline GraphQL API

Part 2: How the Red Agent bypassed backend resolvers to expose an entire airline booking database in fifteen minutes...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/26 12:0 p.m.10 views

MCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code Extension

By automatically loading MCP servers from workspace files, Amazon Q enabled attackers to execute code and access sensitive cloud environments...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/25 11:59 a.m.8 views

Uncovering Hidden Attack Paths in Cloud Environments Using Runtime Signals

Wiz now layers runtime signals into the Security Graph, exposing hidden attack paths to give security teams a complete picture of risk...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/24 12:18 p.m.8 views

How AI Is Rewriting the SecOps Playbook

The threat landscape has changed. Adversaries operate at machine speed, shrinking attacks from days to minutes. Defenders can no longer investigate and respond before damage occurs. In this new era, Security Operations must prioritize speed, automation, and continuous decision-making...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/23 12:33 p.m.20 views

AI Threat Readiness Pillar 4: Detect and contain threats in real-time

Your guide to operationalizing AI-powered threat detection and response with Wiz to stay ahead of AI-driven attackers...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/22 1:21 p.m.28 views

Cloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for Windows

Secure your Windows fleet without sacrificing performance. Wiz pairs real-time threat detection with a memory-safe architecture that scales efficiently to protect your essential cloud infrastructure...

5.5AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/18 12:52 p.m.9 views

The President’s Executive Actions on AI Have a Lot to Say on Cybersecurity

The spotlight has been on frontier models, but the goals are more far reaching -- including supercharging cyber defense and remediating risk at machine speed...

5.2AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/17 2:33 p.m.15 views

The Red Agent POV: How it Reasoned its Way to SSRF

Part 1: How the Red Agent uncovered a multi-step attack chain allowing SSRF-to-Local-File-Read on a GCP Cloud Run API...

5.2AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/17 2:33 p.m.11 views

Introducing the Red Agent POV Series

An inside look at how the Red Agent, our AI-Powered Attacker, uncovers complex, exploitable risks in the wild...

5.3AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/16 10:53 a.m.20 views

Wiz Exposure Management Dashboard: Your CTEM Command Center

New exposure management dashboard helps organizations align with CTEM to stay ahead in an era of AI exploiting vulnerabilities faster than ever...

5.3AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/12 12:0 p.m.17 views

Navigating the New Federal Logging Mandate | OMB Memorandum M-26-14

The White House Memorandum puts in place an “adaptive framework,” where agencies make risk-based, prioritized logging decisions...

5.2AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/11 10:17 p.m.13 views

AI Threat Readiness Pillar 3: Perform AI Code Analysis Natively in Wiz

Your guide to operationalizing AI-powered code analysis with Wiz to stay ahead of AI driven development and adversaries...

5.3AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/09 3:25 p.m.14 views

AI Threat Readiness Pillar 2: Accelerate Patching and Response

Your guide to operationalizing ownership, remediation, and response with Wiz to keep pace with the AI threat landscape...

5.5AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/08 12:0 p.m.11 views

Introducing Wiz Cloud Cost: Powering Cost Management and Optimization with Context

Wiz unifies cloud and AI cost visibility to help teams eliminate waste and improve spend efficiency across their AWS, Azure, and GCP environments...

5.5AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/04 2:19 p.m.23 views

AI Threat Readiness Pillar 1: Reduce Critical Exposures & Scan with AI

Diving into the first pillar of the AI Threat Readiness Framework and how Wiz helps...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/01 3:2 p.m.15 views

Eliminate Critical API Attack Paths with Wiz API SPM

Wiz API SPM is now GA, enabling customers to discover APIs, assess APIs for exploitability, and prioritize remediation to mitigate the risk of an API-related breach...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/06/01 12:45 p.m.30 views

Miasma: Supply Chain Attack Targeting RedHat npm Packages

Detect and mitigate malicious npm packages linked to the latest npm supply chain attack, based on the open sourced Mini Shai-Hulud malware...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/28 1:34 p.m.14 views

State of Post Quantum Cryptography

Discussion of PQC relevant statistics that we see across our customers and other data sources...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/27 4:3 p.m.12 views

Evidence at the Moment of Attack. Answers at AI Speed.

Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/27 1:52 p.m.18 views

Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure

Wiz CIRT and Wiz Research detail JINX-0164, a threat actor using LinkedIn social engineering, custom macOS malware, and CI/CD hijacking to target cryptocurrency organizations...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/27 12:0 p.m.17 views

Defending at Machine-Speed: Building AI Threat Readiness with Wiz

How Wiz helps organizations adopt an AI Operating Model for AI Threat Readiness...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/26 12:45 p.m.20 views

State of SDLC Security 2026: How Risk Scales in Modern Development

Insights from real-world environments into how code, developer tooling, automation, and AI are reshaping application security...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/21 5:5 p.m.10 views

Claude Enterprise Meets the Security Graph: Wiz Integrates with Anthropic's Compliance API

Security and compliance teams can now monitor Claude activity directly in Wiz, extending the workflows they already rely on to AI...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/19 5:30 p.m.12 views

durabletask: TeamPCP's Latest PyPi Compromise

Discover the latest on malicious versions of the pypi package durabletask, matching TeamPCP tactics...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/19 1:17 p.m.27 views

Introducing Runtime Threat Detection for Google Cloud Run

Wiz Runtime Sensor support for Google Cloud Run Containers is now generally available, giving teams real-time threat detection and response for their serverless container workloads...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/19 8:29 a.m.11 views

The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

Multi-ecosystem supply chain compromise by TeamPCP targets GitHub, NPM, and VSCode to steal credentials and establish persistence...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/18 11:0 a.m.14 views

From Cryptographic Blind Spots to Post-Quantum Agility: Introducing Wiz for PQC Readiness

Eliminate cryptographic blind spots and neutralize legacy debt with an integrated cryptographic asset inventory. Identify risks across code, cloud, and runtime, using the Wiz Security Graph to prioritize migration and protect against "Harvest Now, Decrypt Later" attacks...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/13 1:0 p.m.10 views

Beyond Findings: Connecting Exploitable Risk to Cloud Context with Wiz and HackerOne

See proven, exploitable risk in the context of your full cloud environment...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/13 12:13 p.m.17 views

Fragnesia: Linux Kernel Local Privilege Escalation via ESP-in-TCP

A new page-cache corruption vulnerability in the Dirty Frag family enables unprivileged local attackers to achieve root...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/12 1:24 p.m.9 views

Introducing Wiz Audit History: Track Every Change Across your Environment

Wiz Audit History is now GA, providing a continuous, cross-cloud timeline of changes to resource configurations and findings to accelerate incident response and simplify compliance...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/12 1:38 a.m.11 views

Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised

Detect and mitigate malicious npm packages linked to the latest Mini Shai-Hulud supply chain campaign targeting high-value developer tooling...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/11 1:0 p.m.14 views

Wiz at Wiz: Reducing Risk through Service Ownership

How Wiz security uses Service Catalog to turn cloud risk into service ownership...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/08 6:42 p.m.12 views

A Framework for AI Threat Readiness

AI models now find and exploit zero-days autonomously. This 4-pillar framework accelerates patching, analysis, and threat response...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/08 12:0 p.m.31 views

See and Secure Everything at the Edge with Wiz and Akamai

Akamai edge configurations are now visible on the Wiz Security Graph, giving teams a single understanding of risk from edge to runtime...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/08 8:57 a.m.12 views

Dirty Frag: Linux Kernel Local Privilege Escalation via ESP and RxRPC

Unpatched kernel flaw chain CVE-2026-43284, CVE-2026-43500 enables root escalation on major Linux distributions...

8.8CVSS5.8AI score0.93235EPSS
Exploits33
Wiz blog
Wiz blog
added 2026/05/07 1:0 p.m.17 views

Build Fast, Build Secure: Wiz findings are now in Lovable

With Wiz in Lovable, every builder can catch and fix risks in real time, keeping apps secure as they’re created...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/07 12:0 p.m.15 views

It's Time to Go After Achieving Zero Code Criticals

Ready to hit Zero Code Criticals? Here's how Wiz helps you get there and stay there, with the badge to prove you did...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/06 3:10 p.m.8 views

The Jenkins Threat Landscape

What usage patterns, plugin adoption, and configuration choices reveal about the Jenkins attack surface...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/06 12:33 p.m.8 views

Critical Buffer Overflow Vulnerability in PAN-OS Exploited in-the-Wild

Detect and mitigate CVE-2026-0300, a critical vulnerability in Palo Alto Networks PAN-OS User-ID Authentication Portal that allows unauthenticated attackers to achieve remote code execution RCE with root privileges...

9.8CVSS6.7AI score0.36157EPSS
Exploits6
Wiz blog
Wiz blog
added 2026/05/05 1:0 p.m.10 views

Introducing Penetration Test Findings: Unified Offensive Security in Wiz

Streamline pen-testing by unifying findings from bug bounties, manual audits, and Wiz Red Agent into a single, context-rich view...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/04 2:0 p.m.11 views

Practical Package Security: The Unofficial Guide

Get actionable best practices to shrink your attack surface, protect execution environments, control package ingestion, and catch compromises early...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/04 12:0 p.m.10 views

Meet Wiz for M365: Bringing SaaS into the Security Graph

Secure Microsoft 365 and the cloud it powers — one platform, one graph, complete context...

6.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/04 12:0 p.m.8 views

From Foundation to Force: Your Guide to Operationalizing Wiz at Scale

Following your foundation, operationalize Wiz across development, detection and response, and program maturity so your security program never stops getting stronger...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/05/01 12:38 p.m.6 views

Copy Fail: Universal Linux Local Privilege Escalation Vulnerability

Detect and mitigate Copy Fail CVE-2026-31431, an easily exploitable vulnerability in the Linux kernel that allows escalation from an unprivileged local user account to root access...

7.8CVSS6.1AI score0.96267EPSS
Exploits228
Wiz blog
Wiz blog
added 2026/04/30 5:7 p.m.11 views

Red Agent and Claude Opus: Securing Production Targets at Scale

Delivering enterprise-grade continuous AI-powered risk assessment to hundreds of customers through the combined power of Wiz and Anthropic...

5.2AI score
Exploits0
Total number of security vulnerabilities645