Roi Nisimi, Author at Orca Security

New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771

‘Orca Watch’ Series

New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771

Microsoft pushed out-of-band fixes for on-premise SharePoint Servers after attackers chained CVE-2025-53770 and CVE-2025-53771. The chain bypasses SharePoint chain vulnerabilities,...

Roi Nisimi

Jul 22, 2025

Discovered Vulnerabilities

Kubernetes CRD Abstraction Risks in kro

Executive Summary: The Orca Research Pod has discovered CVE-2025-48710 in kro (Kube Resource Orchestrator) where an attacker could introduce a malicious CustomResourceDefinition...

Roi Nisimi

May 13, 2025

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Research

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

It will come as no surprise that Kubernetes deployments are growing exponentially across many industries. According to the Cloud Native...

Roi Nisimi

Aug 27, 2024

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

‘Orca Watch’ Series

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

Microsoft recently advised of a critical TCP/IP Remote Code Execution Vulnerability dubbed CVE 2024-38063, which is a critical unauthenticated Remote...

Roi Nisimi

Aug 19, 2024

LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs

Discovered Vulnerabilities

LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs

Table of contentsExecutive Summary:What are Azure, Gcloud and AWS CLI?Exposure of Serverless environment variablesAWS CLI LeakageGcloud CLI LeakageExploitation Proof of...

Roi Nisimi

Apr 16, 2024

‘Leaky Vessels’ Docker Vulnerabilities Found in Many Cloud Environments: RunC (60%) and BuildKit (28%)

‘Orca Watch’ Series

‘Leaky Vessels’ Docker Vulnerabilities Found in Many Cloud Environments: RunC (60%) and BuildKit (28%)

On January 31st, Snyk unveiled the discovery of four novel container vulnerabilities that target the runC and BuildKit components within...

Roi Nisimi

Feb 07, 2024

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise

Discovered Vulnerabilities

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise

The Orca Research Pod has uncovered a dangerous loophole in Google Kubernetes Engine (GKE) that could allow an attacker with...

Roi Nisimi

Jan 24, 2024

Unauthenticated Access to GCP Dataproc Can Lead to Data Leak

Discovered Vulnerabilities

Unauthenticated Access to GCP Dataproc Can Lead to Data Leak

The Orca Research Pod has made an important discovery that puts Google Cloud Dataproc clusters at risk for data theft,...

Roi Nisimi

Dec 12, 2023

Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack

Discovered Vulnerabilities

Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack

Bad.Build is a critical design flaw discovered by the Orca Research Pod in the Google Cloud Build service that enables...

Roi Nisimi

Jul 18, 2023

All articles by Roi Nisimi

New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771

Kubernetes CRD Abstraction Risks in kro

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs

‘Leaky Vessels’ Docker Vulnerabilities Found in Many Cloud Environments: RunC (60%) and BuildKit (28%)

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise

Unauthenticated Access to GCP Dataproc Can Lead to Data Leak

Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons