logo

Wiz Cloud Threat Landscape

ID: 4da5a88c-35f6-5acd-8921-2a75ef66a358

STIX ID: identity--4da5a88c-35f6-5acd-8921-2a75ef66a358

Feed Type: rss

Earliest post: 2010-01-12

Latest post: 2026-06-25

A comprehensive threat intelligence database of cloud security incidents, actors, tools and techniques. Powered by Wiz Research.

01/01/2020
07/14/2026
Title Date Published Describes IncidentAuthorVisible
Cryptojacking Campaign Targeting K8s Clusters (Campaign)2026-06-25True[email protected] (Wiz Threat Research)True
Klue Supply Chain Breach Leads to Salesforce Data Exfiltration (Incident)2026-06-18True[email protected] (Wiz Threat Research)True
Mastra Packages Trojanized with Malicious Dependency (Campaign)2026-06-17True[email protected] (Wiz Threat Research)True
FortiBleed: Credential Compromise Campaign Targeting Fortinet Devices (Campaign)2026-06-16True[email protected] (Wiz Threat Research)True
Atomic Arch: AUR Package Supply Chain Compromise Using Malicious npm Package (Campaign)2026-06-12True[email protected] (Wiz Threat Research)True
ServiceNow Unauthenticated Access Incident (Incident)2026-06-09True[email protected] (Wiz Threat Research)True
TeamPCP adds Malware to Multiple Microsoft-Linked GitHub Projects (Campaign)2026-06-05True[email protected] (Wiz Threat Research)True
Binding.gyp Supply Chain Attack Enables CI/CD Worm Propagation Across npm Packages (Campaign)2026-06-04True[email protected] (Wiz Threat Research)True
Miasma: Supply Chain Compromise in RedHat npm Packages (Campaign)2026-06-01True[email protected] (Wiz Threat Research)True
JINX-0164 Targeting Cryptocurrency Development Infrastructure (Campaign)2026-05-27True[email protected] (Wiz Threat Research)True
Supply Chain Campaign Targeting Composer and GitHub Repositories (Campaign)2026-05-24True[email protected] (Wiz Threat Research)True
Megalodon Campaign Backdoors GitHub Repositories via CI Workflow Compromise (Campaign)2026-05-22True[email protected] (Wiz Threat Research)True
TeamPCP Claims Breach of Internal GitHub Repositories (Incident)2026-05-20True[email protected] (Wiz Threat Research)True
New Mini-Shai-Hulud Wave Targets NPM, PyPi Packages and VSCode Extension (Campaign)2026-05-18True[email protected] (Wiz Threat Research)True
node-ipc npm Distribution Compromised (Campaign)2026-05-14True[email protected] (Wiz Threat Research)True
Tanstack and other Packages Compromised in Supply Chain Attack (Campaign)2026-05-11True[email protected] (Wiz Threat Research)True
DDoS Botnet Leveraging Jenkins Misconfigurations for Initial Access (Campaign)2026-05-10True[email protected] (Wiz Threat Research)True
Compromise of Checkmarx Jenkins AST Plugin by TeamPCP (Campaign)2026-05-09True[email protected] (Wiz Threat Research)True
Lightning and Intercom Packages Compromised in Supply Chain Attack (Campaign)2026-04-30True[email protected] (Wiz Threat Research)True
Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware (Campaign)2026-04-29True[email protected] (Wiz Threat Research)True
Critical SQL Injection Vulnerability in LiteLLM Exploited in-the-Wild (Campaign)2026-04-27True[email protected] (Wiz Threat Research)True
Elementary Data Compromised in Supply Chain Attack (Campaign)2026-04-23True[email protected] (Wiz Threat Research)True
Xinference Compromised in Supply Chain Attack (Campaign)2026-04-22True[email protected] (Wiz Threat Research)True
Checkmarx KICS and Bitwarden CLI Compromised in Fresh Supply Chain Attack (Campaign)2026-04-22True[email protected] (Wiz Threat Research)True
PolinRider Campaign: DPRK-Linked Supply Chain Attack Infects GitHub Repositories (Campaign)2026-04-09True[email protected] (Wiz Threat Research)True
Stolen SaaS Integration Tokens Enable Data Theft Across Snowflake Environments (Campaign)2026-04-07True[email protected] (Wiz Threat Research)True
UAT-10608 Campaign Abuses React2Shell for Cloud Credential Harvesting (Campaign)2026-04-02True[email protected] (Wiz Threat Research)True
Axios supply chain attack (Incident)2026-03-31True[email protected] (Wiz Threat Research)True
Apifox supply chain attack (Incident)2026-03-26True[email protected] (Wiz Threat Research)True
BuddyBoss supply chain attack (Incident)2026-03-25True[email protected] (Wiz Threat Research)True
LiteLLM supply chain attack (Incident)2026-03-24True[email protected] (Wiz Threat Research)True
Exploitation of S1ngularity-exposed cloud keys for lateral movement (Incident)2026-03-11True[email protected] (Wiz Threat Research)True
xygeni-action repository hijack (Incident)2026-03-09True[email protected] (Wiz Threat Research)True
PolinRider supply chain attack (Incident)2026-03-08True[email protected] (Wiz Threat Research)True
Trivy supply chain attack (Incident)2026-03-01True[email protected] (Wiz Threat Research)True
SANDWORM_MODE: Typosquatted npm Packages Used to Hijack CI Workflows (Campaign)2026-02-20True[email protected] (Wiz Threat Research)True
TeamPCP Cloud-Native Campaign Targeting Exposed Control Planes (Campaign)2026-02-05True[email protected] (Wiz Threat Research)True
Supply-Chain Hijacking of Notepad++ Updates via Hosting Provider Compromise (Campaign)2026-02-02True[email protected] (Wiz Threat Research)True
Supply-Chain Attack via Force Pushes on Plone GitHub Repositories (Campaign)2026-01-31True[email protected] (Wiz Threat Research)True
Operation Bizarre Bazaar: Commercialized LLMjacking (Campaign)2026-01-28True[email protected] (Wiz Threat Research)True
Cloud-Native Phishing Infrastructure via Abused AWS WorkMail (Campaign)2026-01-27True[email protected] (Wiz Threat Research)True
GeoServer RCE Exploited in CoinMiner Campaigns (Campaign)2026-01-24True[email protected] (Wiz Threat Research)True
Amadey Loader Abuses Compromised Self-Hosted GitLab to Deliver StealC Infostealer (Campaign)2025-12-18True[email protected] (Wiz Threat Research)True
China-nexus Campaign Exploits CVE-2025-20393 in Cisco Email Security Devices (Campaign)2025-12-17True[email protected] (Wiz Threat Research)True
Shai-Hulud 2.0 Supply Chain Attack (Campaign)2025-11-24True[email protected] (Wiz Threat Research)True
Cryptomining Campaign Exploiting Exposed Ray AI Infrastructure (Campaign)2025-11-19True[email protected] (Wiz Threat Research)True
Cisco ISE Vulnerability Exploited as 0day by APT (Campaign)2025-11-13True[email protected] (Wiz Threat Research)True
Unauthenticated Remote Access via Triofox Vulnerability Exploited by UNC6485 (Campaign)2025-11-12True[email protected] (Wiz Threat Research)True
Gambling Network Exploits Abandoned Subdomains (Campaign)2025-11-11True[email protected] (Wiz Threat Research)True
China-Linked Actors Target U.S. Policy-Oriented Non-Profit Organisations (Campaign)2025-11-05True[email protected] (Wiz Threat Research)True

1–50 of 378