Orca Platform
Near Real-Time Cloud Detection and Response (CDR): Unifying Cloud-Native Intelligence
According to VulnCheck, roughly a third of vulnerabilities now fit the description of “Zero Day,” meaning they’re exploited on or...
Blog
Application Security
Top 2026 Cloud Security Predictions: What’s Next for Security Leaders
2026 is here, and the cloud security landscape is shifting rapidly. AI is reshaping how attackers operate, supply chains remain...
Orca Platform
Secure Code from IDE to Cloud: Meet Orca’s IntelliJ Extension
According to PwC’s Global Digital Trust Insights Report, one-third of organizations say they’re least prepared to address cloud-based threats, while...
‘Orca Watch’ Series
Critical unauthenticated RCE in n8n (CVE-2026-21858, CVSS 10.0) allows full instance takeover
A critical vulnerability (CVE-2026-21858, CVSS score 10.0) was disclosed affecting the n8n workflow automation platform, allowing attackers to remotely execute...
Orca Platform
Reduce External Exposure Risk for Cloud Native Apps with Akamai and Orca
We’re excited to share that Orca now integrates with Akamai, a global leader in content delivery, cloud services, and cybersecurity....
Cloud Security Learning
Where to Start Your Cloud Security Program: CSPM, CWPP, or Runtime Data? A Modern Guide to CNAPP Maturity
After leading several cloud security transformations across large and fast-moving organizations, I have found that one truth has always held:...
‘Orca Watch’ Series
Critical 9.3 Severity LangChain Serialization Flaw Enables Secret Theft
A critical vulnerability (CVE-2025-68664, CVSS 9.3) was disclosed affecting the LangChain open-source LLM framework, allowing attackers to steal sensitive data...
‘Orca Watch’ Series
Critical Unauthenticated MongoDB Heap Memory Leak Vulnerability Leaks Sensitive Data
A high severity vulnerability (CVE-2025-14847, CVSS 7.5/8.7) was disclosed affecting MongoDB Server across a wide range of versions, allowing attackers...
‘Orca Watch’ Series
Critical n8n RCE vulnerability enables full server compromise
A critical vulnerability (CVE-2025-68613, CVSS 9.9/10.0) was disclosed affecting the n8n workflow automation platform, allowing attackers to execute arbitrary code...