Introducing Penetration Test Findings: Unified Offensive Security in Wiz
The goal of any offensive security team is to find the “open doors” before an attacker does. However, in most organizations, the results of these…
Category: CloudSecurity
Critical Buffer Overflow Vulnerability in PAN-OS Exploited in-the-Wild
A critical vulnerability (CVE-2026-0300) has been identified in Palo Alto Networks PAN-OS that allows unauthenticated attackers to achieve remote code execution (RCE) with root privileges.…
Wiz Exposure Management Dashboard: Your CTEM Command Center
In the new frontier AI era, models can autonomously discover vulnerabilities and generate working exploits, shrinking the window from discovery to exploitation to only hours.…
Securing Jenkins: Top Attack Flows & Misconfigurations
Jenkins is an open-source automation server widely used for CI/CD orchestration, pipeline automation, and infrastructure workflows. It integrates deeply with source control systems, container registries,…
Take the Wiz Zero Code Criticals Challenge
It’s been a big few weeks for how we ship code securely. At Wiz we expanded AI-BOM visibility, secure guardrails baked into agentic coding flows,…
Wiz & Lovable: Secure AI-Driven Development
Tools like Lovable have made it possible for anyone, beyond developers, to go from idea to deployed product in a matter of hours. Describe what…
Dirty Frag (CVE-2026-43284) Linux Privilege Escalation
A newly disclosed Linux kernel local privilege escalation vulnerability chain, dubbed “Dirty Frag” and assigned CVE-2026-43284 and CVE-2026-43500, enables attackers with local access to obtain…
Wiz Integrates with Akamai for Edge Security
Your cloud security posture is only as strong as the weakest link in your stack, and for most teams shipping applications at scale, that weak…
Fixing Risk through Service Ownership with Wiz
Security teams rarely struggle to find risk. The harder challenge is making that risk actionable. In modern cloud and AI environments, the same issue can…
Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised
@beproduct/nestjs-auth 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.1.9, 0.1.10, 0.1.11, 0.1.12, 0.1.13, 0.1.14, 0.1.15, 0.1.16, 0.1.17, 0.1.18, 0.1.19 @cap-js/db-service 2.10.1 @cap-js/postgres 2.2.2 @cap-js/sqlite 2.2.2…
Introducing Wiz Audit History: Track Every Change Across your Environment
Understanding how your cloud environment evolves is essential for maintaining a strong security posture and operational resilience. In the cloud and the AI era, change…
Fragnesia: Linux Kernel Local Privilege Escalation via ESP-in-TCP
Researchers have disclosed a new variant in the DirtyFrag family of Linux local privilege escalation (LPE) vulnerabilities, named “Fragnesia.” The vulnerability impacts the Linux kernel’s…