All articles by Tzah Pahima

The story of a simple race condition leading to a local privilege escalation vulnerability in Azure Synapse Analytics

Recently, the Orca Security research team discovered SynLapse, a tenant separation violation vulnerability in the Microsoft Azure Synapse environment.

BreakingFormation is an XML External Entity (XXE) vulnerability found in AWS CloudFormation that led to local file disclosure, directory listing,...

Orca Security’s vulnerability researcher, Tzah Pahima, discovered a vulnerability in AWS allowing file and credential disclosure of an AWS internal...