Wiz io
@wizsecurity.bsky.social
100 followers 9 following 92 posts
Secure everything you build and run in the cloud
Pinned
wizsecurity.bsky.social
🚨 We found a critical vulnerability in the popular Vibe Coding Platform Base44: No password. No invite. Full access.
wizsecurity.bsky.social
@scottpiper.bsky.social highlights an emerging trend of attackers incorporating AI into their payloads, providing recent examples, and discussing the implications of this trend.

Full analysis: www.wiz.io/blog/the-eme...
Emerging Threat: AI-Powered Malware Attacks | Wiz Blog
From LameHug to s1ngularity, attackers are invoking AI directly in malware payloads.
www.wiz.io
wizsecurity.bsky.social
🤖 We're witnessing something unprecedented with AI agents:
Malware that literally prompts ChatGPT, Claude, and other LLMs to write its own attack code. Live. On victim machines.
Emerging Threat: AI-Powered Malware Attacks | Wiz Blog
From LameHug to s1ngularity, attackers are invoking AI directly in malware payloads.
www.wiz.io
wizsecurity.bsky.social
Introducing ZERODAY.CLOUD🕵️‍♀️
Be the first to participate in the first-of-its-kind cloud hacking competition. 🤝

WIN HUGE PRIZES from our up to 4.5 million dollar prize pool. 💰🏆

Join us to help make the cloud a safer place. Register your exploit now >> zeroday.cloud
wizsecurity.bsky.social
@fortune.com JUST DROPPED A FEATURE ON Wiz 🔥

If you've been following the Wiz story, this one's for you.

HUGE shoutout to everyone who made this story worth telling. You helped build something Fortune couldn't ignore 💙

fortune.com/article/wiz-...
wizsecurity.bsky.social
🚨 #Shai-Hulud: Major npm supply chain attack.

100+ packages weaponized with stolen GitHub tokens, stealing secrets, hijacking repos, and auto-propagating like a worm.

Guidance + detections inside

www.wiz.io/blog/shai-hu...
wizsecurity.bsky.social
🚨 Major npm hijack: Attackers took over Qix's account (chalk, debug & more). Malicious versions briefly hit npm, injecting browser code to hijack crypto transactions.
DuckDB ecosystem is also affected.
wizsecurity.bsky.social
🚨 Your Cloud DFIR Desk Mat is here!
A first-ever poster mapping MITRE ATT&CK to key AWS, Azure & GCP log sources and API events.

📥 Get your copy: threats.wiz.io/cloud-dfir-p...
wizsecurity.bsky.social
🚨 New CTF: Azure APT 🏆

Step into the shoes of an attacker targeting Azure. Use a malicious OAuth app, bypass restrictions, and capture the flag.

Can you solve all 12 CTFs and WIN our belt?

Test your skills with this month's CTF by Lior Sonntag 👉 www.cloudsecuritychampionship.com/challenge/3
wizsecurity.bsky.social
📂 Thousands of secrets leaked into attacker-created public GitHub repos.

👉 The repos are gone, but the damage has been done
- Rotate credentials + upgrade immediately.

Full breakdown here: www.wiz.io/blog/s1ngula...
s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know | Wiz Blog
Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently.
www.wiz.io
wizsecurity.bsky.social
🚨 #s1ngularity: a supply chain attack hiding in the Nx npm package

Malicious versions stole #GitHub tokens, SSH keys, wallets, and secrets, even hijacking AI CLI tools to help exfiltrate data.
s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know | Wiz Blog
Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently.
www.wiz.io
wizsecurity.bsky.social
- Long-term keys are tied to IAM Users (and yes, we've already seen them exposed on GitHub)
- Short-term keys work differently, but both act as bearer tokens, a surprising shift from AWS's usual sigv4 approach

The good news? AWS is now scanning GitHub for exposed Bedrock keys.
wizsecurity.bsky.social
🚨 New keys just dropped… and they're already leaking.

#AWS introduced Bedrock API keys, both long-term and short-term. On the surface, they look like just another way to authenticate.
But here's the twist ⬇️
wizsecurity.bsky.social
🤖 AI agents are everywhere now.

So we put together a practical security guide that actually maps out what's happening in the wild. 👇

No fluff. Just the stuff security teams need to know.

Save this cheat sheet 💾
wizsecurity.bsky.social
Introducing Wizmojis.com >> Our cloud security emojis for your Slack & WhatsApp that finally get YOU.

💬 Some favorites:
* blame-the-intern
* cve-part
* phishing-season

⬇️ Comment below — What emoji do you need on Slack?
The best ideas might just make it into the next pack of Wizmojis.
wizsecurity.bsky.social
You're officially invited to the BIGGEST WIZ EVENT of the year... WIZDOM!

We're going all in: Wizdom is your exclusive, in-person pass to the people & ideas shaping the future of cloud security ⬇︎

📍 New York City, Nov 3-5
📍 London, Nov 17-19

Your calendar won't block itself.
www.wiz.io/wizdom
Wizdom: Our first-ever user conference | Wiz
An exclusive gathering of cloud security leaders, innovators, and practitioners.
www.wiz.io
wizsecurity.bsky.social
Introducing... 🥁 Say hello to Wiz for Exposure Management! 🥳
Wiz for Exposure Management is a NEW way to unify, prioritize, and fix exposures everywhere they live: in your cloud, code, and on-prem infrastructure.

Learn more: www.wiz.io/blog/wiz-for...
Introducing Wiz for Exposure Management | Wiz Blog
Wiz now supports exposure management across cloud, code, and on-prem – combining scanner data into one view to help teams prioritize and fix real risk.
www.wiz.io
wizsecurity.bsky.social
The breakdown:

- An internal memory name leaks in an error
- The public API gets turned against the backend
- And just like that, an attacker can take over the server

This puts #AI models, sensitive data, and entire environments at serious risk.

Full research → www.wiz.io/blog/nvidia-...
Breaking NVIDIA Triton: CVE-2025-23319 - A Vulnerability Chain Leading to AI Server Takeover | Wiz Blog
Wiz Research discovers a critical vulnerability chain allowing unauthenticated attackers to take over NVIDIA's Triton Inference Server.
www.wiz.io
wizsecurity.bsky.social
🚨 Wiz Research found a vulnerability chain in NVIDIA's open-source Triton Inference Server

What started as a small error message turned into something big:
A path to full remote code execution, no creds, no user interaction.
wizsecurity.bsky.social
🏆 Can you escape a container & become THE ULTIMATE CLOUD SECURITY CHAMPION?

This month's scenario was crafted by Sagi Tzadik to explore container escape techniques, the same kinds of risks we'll be diving into at #BlackHat next week!

Challenge #2 👉
cloudsecuritychampionship.com/challenge/2