2025 State of Code Security: Key Trends and Risks
Explore the key insights on code and cloud security risks shaping 2025.
#Threat Intel
Securing the Container Frontier: Kubernetes Trends Report 2025
From rapid-fire attack attempts to evolving defense strategies, our Kubernetes Security Report paints a vivid picture of a dynamic landscape. Check out the preview here.
Wiz observes exploitation in the wild of PAN-OS vulnerabilities
Detect and mitigate CVE-2024-0012 and CVE-2024-9474, PAN-OS vulnerabilities which Wiz Threat Research has observed being exploited in-the-wild. Organizations should patch urgently.
Unmasking Phishing: Strategies for identifying 0ktapus domains and beyond
Wiz Research looks at phishing tactics, along with how to trace and investigate these campaigns.
Emerging phishing campaign targeting AWS accounts
Wiz Threat Research recently spotted a new phishing campaign targeting AWS accounts.
SeleniumGreed: Threat actors exploit exposed Selenium Grid services for Cryptomining
Wiz researchers discover ongoing threat to popular testing framework.
Pause off my cluster: DERO cryptojacking takes a new shape
Learn how the threat actors behind the 2023 DERO cryptojacking campaign have adapted their techniques to evade detection, and the best practices for mitigation.
Introducing the Cloud Threat Landscape, a new TI resource for cloud defenders
The Cloud Threat Landscape is a threat intelligence database that summarizes cloud incidents and offers insights into targeting patterns and initial access methods.
I know what you mined last summer: summarizing Summer '23 cryptomining activity
During the summer of 2023, using the Wiz Sensor, Wiz Research detected several different cryptomining campaigns targeting cloud workloads. Learn about these campaigns and their associated IoCs, and how to detect and prevent similar threats.
PyLoose: Python-based fileless malware targets cloud workloads to deliver cryptominer
PyLoose is a newly discovered Python-based fileless malware targeting cloud workloads. Get a breakdown of how the attack unfolds and the steps to mitigate it.
Redirection Roulette: Thousands of hijacked websites in East Asia redirecting visitors to other sites
Since early September 2022, tens of thousands of websites aimed at East Asian audiences have been hacked, redirecting hundreds of thousands of their users to adult-themed content.