Research Pod

A new critical Linux privilege escalation vulnerability was published under the ID CVE-2022-0847, named “Dirty Pipe.”

AutoWarp is a critical vulnerability in Microsoft Azure Automation Service that allows unauthorized access to other customer accounts using the...

How a malicious actor can conduct lateral movement in Google Cloud across compute engine instances using the default service account.

Analyzing customer environments is always a detective task, and when we find structural flaws in a service provider, this is...

Orca Security, as part of an ongoing research effort, discovered a vulnerability in the Databricks platform, and Databricks took swift...

A new critical Linux local privilege escalation vulnerability, found on Polkit's pkexec utility, was published and assigned CVE-2021-4034.

On Jan. 11, 2022, an HTTP Protocol stack remote code execution security vulnerability was identified. Microsoft assigned the CVE 2022-21907...

Orca Security’s vulnerability researcher, Tzah Pahima, discovered a vulnerability in AWS allowing file and credential disclosure of an AWS internal...

Orca's Research Team discovered a critical vulnerability that could allow an actor to create resources and access data of AWS...