Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure 2026-05-27 True Shira Ayal True durabletask: TeamPCP's Latest PyPi Compromise 2026-05-19 True Rami McCarthy True The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave 2026-05-19 True Rami McCarthy True Fragnesia: Linux Kernel Local Privilege Escalation via ESP-in-TCP 2026-05-13 True Merav Bar True Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised 2026-05-12 True Rami McCarthy True A Framework for AI Threat Readiness 2026-05-08 True Alon Schindel True Dirty Frag: Linux Kernel Local Privilege Escalation via ESP and RxRPC 2026-05-08 True Merav Bar True The Jenkins Threat Landscape 2026-05-06 True Merav Bar True Critical Buffer Overflow Vulnerability in PAN-OS Exploited in-the-Wild 2026-05-06 True Merav Bar True Practical Package Security: The Unofficial Guide 2026-05-04 True Rami McCarthy True Copy Fail: Universal Linux Local Privilege Escalation Vulnerability 2026-05-01 True True The (In)security Landscape of AI-Powered GitHub Actions (Part 2/2) 2026-04-30 True True Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware 2026-04-29 True True Securing GitHub: Wiz Research uncovers Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854) 2026-04-28 True True Context.ai OAuth Token Compromise 2026-04-20 True True From Code to Pipeline: Wiz Code Now Secures Your Build Environment 2026-04-20 True True Primer on GitHub Actions Security - Threat Model, Attacks and Defenses (Part 1/2) 2026-04-14 True True Claude Mythos: Preparing for a World Where AI Finds and Exploits Vulnerabilities Faster Than Ever 2026-04-10 True True Cloud Threats Retrospective 2026: What AI Changed (and What It Didn’t) 2026-04-09 True True Six Accounts, One Actor: Inside the prt-scan Supply Chain Campaign 2026-04-04 True True Axios NPM Distribution Compromised in Supply Chain Attack 2026-03-31 True True Tracking TeamPCP: Investigating Post-Compromise Attacks Seen in the Wild 2026-03-30 True True Three’s a Crowd: TeamPCP trojanizes LiteLLM in Continuation of Campaign 2026-03-24 True True KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack 2026-03-23 True True Introducing the Wiz Red Agent- AI-Powered Attacker 2026-03-23 True True AI Runtime Threat Detection: From Input to Real-World Impact 2026-03-20 True True Trivy Compromised: Everything You Need to Know about the Latest Supply Chain Attack 2026-03-20 True True It’s Official: Wiz Joins Google 2026-03-11 True True Would You Click ‘Accept’? Automatically detecting malicious Azure OAuth applications using LLMs 2026-02-18 True True Hacking Moltbook: The AI Social Network Any Human Can Control 2026-02-02 True True The Year in Wiz Research: 2025 Most Read Blogs 2026-01-30 True True AI Agents vs Humans: Who Wins at Web Hacking in 2026? 2026-01-29 True True Agentic Browser Security: 2025 Year-End Review 2026-01-16 True True CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild 2026-01-15 True True Snipping the Long Tail of Shai-Hulud 2.0 2025-12-30 True True Protecting Against Zero-Day Vulnerabilities with SOC-Level ASM Alert 2025-12-30 True True MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know 2025-12-28 True True Zero-Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025 2025-12-16 True True Gogs 0-Day Exploited in the Wild 2025-12-10 True True Code to Cloud Attacks: From Github PAT to Cloud Control Plane 2025-12-09 True True React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182 2025-12-08 True True Critical Vulnerabilities in React and Next.js: everything you need to know 2025-12-03 True True Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact 2025-12-01 True True Exposure Report: 65% of Leading AI Companies Found with Verified Secret Leaks 2025-11-10 True True Dismantling a Critical Supply Chain Risk in VSCode Extension Marketplaces 2025-10-15 True True RediShell: Critical Remote Code Execution Vulnerability (CVE-2025-49844) in Redis, 10 CVSS score 2025-10-06 True True Defending against database ransomware attacks 2025-10-06 True True The emerging use of malware invoking AI 2025-09-26 True True IMDS Abused: Hunting Rare Behaviors to Uncover Exploits 2025-09-22 True True Beyond CVEs: The Exploitation of Everyday Misconfigurations 2025-09-19 True True 
