Wiz

🎉 200 WIN INTEGRATIONS? LET'S GOOOO! 💥 We're officially celebrating 200 WIN integrations, and it's an absolute PARTY over here. This milestone? It's ALL YOU, our amazing community, customers, and partners who made it happen. 💙 Thank you, Nasdaq, for your support and recognition. Let's keep the 'WIN's coming... 🏆 https://xmrrwallet.com/cmx.plnkd.in/eEbcXWdZ

🚨 We found a critical vulnerability in the popular Vibe Coding Platform Base44. Wiz Research just found a critical vulnerability in the popular vibe coding platform Base44, that could have allowed anyone to access private applications. Enterprises could have had their internal tools, AI chatbots, and private proprietary information exposed with a simple-to-exploit logic flaw. Our team responsibly disclosed the issue, and it was fixed by Base44 & Wix in under 24 hours. The bigger story >> Vibe coding is having a moment. Lovable's lightning fast trajectory to unicorn status; Base44’s record exit; #Microsoft entering the field with #Github Spark, and even Replit's tragic database wipe all reinforce the reality that vibe coding platforms are everywhere. The latest discovery from our team calls into question the risk inherent in this incredibly popular technology. We're using AI to run fast, but at what cost? 🧠 Full research breakdown → https://xmrrwallet.com/cmx.plnkd.in/ec5XRehJ

Big news: PwC has partnered with us, and we couldn’t be more excited! 👏 Our partnership with PwC was created to transform cloud security assessments, provide organizations with the visibility, speed, and actionable insights needed to innovate confidently. From agentless scans to real-time analytics and CISO-ready dashboards, this collaboration empowers enterprises to move quickly without compromising security. We can't wait to create magic together 💙 🔍 Learn more: https://xmrrwallet.com/cmx.plnkd.in/enySkJjF

🚨 TraderTraitor: North Korea's cyber "traitor" inside the crypto world. Meet TraderTraitor: a North Korean hacking operation that's been hijacking dev workflows, poisoning open-source packages, and compromising environments to steal billions in cryptocurrency. 🪝 Their lures? Fake recruiters. Fake coding challenges. Even fake job interview platforms. 💰 Their payday? $308M from DMM Bitcoin. $1.5B from Bybit.💥 🔁 Their angle? Cloud-native compromise—from npm to S3. Full breakdown + IOCs in our blog: https://xmrrwallet.com/cmx.plnkd.in/eYAQ8dsi

🔥 THE WIZ PARTY IS ON 🔥 BlackHat 2025… Now it's time for the real main event. We're taking over Flanker's for 1 night only, and trust us, you'll want to be there. 🎶 Live DJ 🍸 The legendary cloud security cocktails from our 'CISOs making cocktails' 🤯 Mind-blowing people Join Wiz, Google, and Docker, Inc, the top names in cybersecurity, for the most unforgettable party of the week. 📍 Flanker's, Aug 5th | 7:00 PM RSVP fast. This one's gonna fill up: https://xmrrwallet.com/cmx.plnkd.in/ez7puTpX

🎁 GIVEAWAY: Our brand-new Wiz Research Newspaper *just dropped* 🗞️ Yes, a real printed newspaper ✨ Filled with the latest cloud security news, puzzles, games, and even a horoscope! Want a copy? 👀 Drop your birthday in the comments, and we'll send you your Cloud Security Horoscope straight from the paper 🔮 (You might even win a copy right to your doorstep...)

🚨 NEW research: Attackers are mining crypto through your misconfigs with #Soco404. Our latest research details an active Cryptomining campaign exploiting various vulnerabilities and misconfigurations in cloud environments. This report focuses on a variant targeting misconfigured PostgreSQL instances.😱 Key findings: 1) Linux 🐧 & Windows 🪟 payloads 2) Payloads embedded in fake 404 pages built with Google Sites & distributed via trusted servers compromised through vulnerable Apache Tomcat instances 3) Persistence via shell init & cron (🐧) or Windows services (🪟) 👉 Dive into the blog to see how it works & how to protect your environment: https://xmrrwallet.com/cmx.plnkd.in/e5eb-86S

What do CISOs talk about over a cocktail? EVERYTHING.🍸 Ryan Kazanciyan sits down for a real talk [and a real Malwarerita, aka Wiz's Margarita] with Andrew Cal from WestCap. And trust us, the conversation is just as strong as the tequila. Spoiler: AI is everywhere. But Andrew's advice? Take it one day at a time. You've never seen CISOs like this... Watch now our latest episode of CISOs Making Cocktail🍹 >> https://xmrrwallet.com/cmx.plnkd.in/ecJh5uqX

The Q2 Wiz Rundown is LIVE & loaded with updates you'll *actually* care about. What's new? Here's a taste: 1) WizOS: Base images hardened to near-zero CVEs 2) Service Catalog: Auto-maps resources into logical services to understand security posture 3) Vuln Treemap View: Instantly see your riskiest packages or libraries 4) API Security: Discover exposed or misconfigured endpoints And more (yes, really 🔥)... 👀 Watch the short vid with Shaked Rotlevi, skip the long release notes 🗒️↓ https://xmrrwallet.com/cmx.plnkd.in/eih_zYQF

🚨 Research update: #ToolShell is back, and it just leveled up. Two new vulnerabilities in Microsoft SharePoint Server, CVE-2025-53770 (RCE) and CVE-2025-53771 (auth bypass), are being actively exploited in the wild. 🔓 Attackers are chaining them to >> • Bypass authentication with a forged header • Drop a stealthy web shell • Steal server keys • Achieve full unauthenticated RCE These are bypasses of bugs #Microsoft patched just days ago. SharePoint Online is safe, but self-managed SharePoint in cloud or on-prem is not. 📊 According to Wiz data, 9% of cloud environments are still running vulnerable versions. Full technical breakdown & timeline 👉 https://xmrrwallet.com/cmx.plnkd.in/exz9a3c3