Discovered Vulnerabilities
s1ngularity Supply Chain Attack: What It Means for Cloud and AI Security
On August 26, 2025, the open-source ecosystem was shaken by a new supply chain attack that targeted Nx, a popular...
All articles by Roi Nisimi
Discovered Vulnerabilities
pull_request_nightmare Part 2: Exploiting GitHub Actions for RCE and Supply Chain
Executive summary We have managed to successfully compromise repositories owned by Microsoft, Google, Nvidia and many more using a single...
Discovered Vulnerabilities
pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks
Executive Summary: The Orca Research Pod has uncovered critical security risks across several high-profile open source repositories that relied on...
‘Orca Watch’ Series
New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771
Microsoft pushed out-of-band fixes for on-premise SharePoint Servers after attackers chained CVE-2025-53770 and CVE-2025-53771. The chain bypasses SharePoint chain vulnerabilities,...
Discovered Vulnerabilities
Kubernetes CRD Abstraction Risks in kro
Executive Summary: The Orca Research Pod has discovered CVE-2025-48710 in kro (Kube Resource Orchestrator) where an attacker could introduce a malicious CustomResourceDefinition...
Research
Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS
It will come as no surprise that Kubernetes deployments are growing exponentially across many industries. According to the Cloud Native...
‘Orca Watch’ Series
Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6
Microsoft recently advised of a critical TCP/IP Remote Code Execution Vulnerability dubbed CVE 2024-38063, which is a critical unauthenticated Remote...
Discovered Vulnerabilities
LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs
Table of contentsExecutive Summary:What are Azure, Gcloud and AWS CLI?Exposure of Serverless environment variablesAWS CLI LeakageGcloud CLI LeakageExploitation Proof of...
‘Orca Watch’ Series
‘Leaky Vessels’ Docker Vulnerabilities Found in Many Cloud Environments: RunC (60%) and BuildKit (28%)
On January 31st, Snyk unveiled the discovery of four novel container vulnerabilities that target the runC and BuildKit components within...
Discovered Vulnerabilities
Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise
The Orca Research Pod has uncovered a dangerous loophole in Google Kubernetes Engine (GKE) that could allow an attacker with...
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.