Discovered Vulnerabilities
s1ngularity Supply Chain Attack: What It Means for Cloud and AI Security
On August 26, 2025, the open-source ecosystem was shaken by a new supply chain attack that targeted Nx, a popular...
Research
Research
10 Most Popular AI Models of 2025
According to Gartner, worldwide spending on generative AI is set to reach $644 billion (USD) in 2025, a nearly 77%...
Report
2025 Gartner® Market Guide for CNAPP
2025 Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP) Read the report to learn why Gartner is recommending that...
‘Orca Watch’ Series
New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771
Microsoft pushed out-of-band fixes for on-premise SharePoint Servers after attackers chained CVE-2025-53770 and CVE-2025-53771. The chain bypasses SharePoint chain vulnerabilities,...
Microsoft Azure
Azure Machine Learning Escalation: When Pipelines Go Off the Rails
Table of contentsExecutive summaryA quick introduction to Azure Machine LearningHow AML pipelines are commonly usedHow the privilege escalation vulnerability could...
Orca Platform
Improved Cloud Understanding by Connecting Amazon Q to the Orca MCP Server
When we first announced the Orca MCP Server, we showed some examples with Claude and with Cursor. In this blog,...
Cloud Security Insights
2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption
Today, we’re excited to release the 2025 State of Cloud Security Report, which reveals deep insights uncovered by the Orca...
Report
2025 State of Cloud Security Report
In-Depth Research 2025 State of Cloud Security Report Hunting threats in the age of relentless risk Get the Report Billions...
Research
CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath
In late April 2025, SAP disclosed CVE-2025-31324, a critical vulnerability in SAP NetWeaver’s Visual Composer development server. The flaw—stemming from...
