IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX
Over 40% of cloud environments are vulnerable to RCE, likely leading to a complete cluster takeover.
Over 40% of cloud environments are vulnerable to RCE, likely leading to a complete cluster takeover.
Learn how AWS VPC Endpoint CloudTrail logs can help you troubleshoot endpoint policies and strengthen your network's security against data exfiltration.
How to protect sensitive data in cloud-hosted databases with built-in security controls, best practices, and continuous risk monitoring.
A supply chain attack on tj-actions/changed-files caused many repositories to leak their secrets over the weekend. Wiz Research has discovered an additional supply chain attack on reviewdog/actions-setup@v1, that may have contributed to the compromise of tj-actions/changed-files.
A supply chain attack on popular GitHub Action tj-actions/changed-files caused many repositories to leak their secrets. Discover how it unfolded and the steps to mitigate the risk.
From DeepSeek adoption to impact on security and governance.
Wiz enhances Slack integration to streamline risk investigation and response and bring security knowledge directly to Slack
Experts share a powerful framework and strategies for effective board meeting preparation and communication.
Wiz was named the leader in the Winter 2025 CDR Grid Report, based on independent customer reviews.
Explore the key insights on code and cloud security risks shaping 2025.
Empowerment and speed for security teams without losing unified cloud context.
Discover how Wiz's innovative hybrid approach revolutionizes runtime security for the modern cloud era.
Learn how Wiz for ASPM extends security to developer infrastructure by continuously enforcing secure defaults and detecting threats across the software supply chain.
Discover how this dynamic duo creates secure, agile environments – and how you can foster their romance in your organization.
Enhanced collaboration deepens cloud security capabilities, democratizes security across cloud businesses.
Technical details on a critical severity vulnerability (CVE-2024-0132) in NVIDIA Container Toolkit and GPU Operator, affecting cloud service providers .
Check out the top comments and responses from our recent containers AMA.
The Wiz Certified program refines your cloud security skills to help you grow your career and stand out among your industry peers.
Discover key strategies to strengthen your AWS security posture, from applying protection at all layers to understanding shared responsibility in the cloud.
A publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log streams with highly sensitive information.
What are the most important KPI’s for a successful DSPM implementation? Let's explore what KPI’s to monitor, why they matter, and how you can take advantage of them for improved security at your org.
By adopting the 'Zero Noise' approach—prioritizing attacker-focused detections, continuous feedback loops, and a 'no alert left behind' mentality—security teams can cut through cloud alert noise, enabling swift and precise responses to true threats.
How to uncover potential threats and eliminate critical risks in your cloud environment.
From rapid-fire attack attempts to evolving defense strategies, our Kubernetes Security Report paints a vivid picture of a dynamic landscape. Check out the preview here.