Discovered Vulnerabilities
NPM Packages Compromised: Maintainer ‘qix’ Hacked
Reports have emerged of a major supply chain attack impacting numerous NPM packages maintained by the developer known as “qix.”...
Research Pod
Discovered Vulnerabilities
s1ngularity Supply Chain Attack: What It Means for Cloud and AI Security
On August 26, 2025, the open-source ecosystem was shaken by a new supply chain attack that targeted Nx, a popular...
Research
10 Most Popular AI Models of 2025
According to Gartner, worldwide spending on generative AI is set to reach $644 billion (USD) in 2025, a nearly 77%...
‘Orca Watch’ Series
New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771
Microsoft pushed out-of-band fixes for on-premise SharePoint Servers after attackers chained CVE-2025-53770 and CVE-2025-53771. The chain bypasses SharePoint chain vulnerabilities,...
Microsoft Azure
Azure Machine Learning Escalation: When Pipelines Go Off the Rails
Table of contentsExecutive summaryA quick introduction to Azure Machine LearningHow AML pipelines are commonly usedHow the privilege escalation vulnerability could...
Orca Platform
Improved Cloud Understanding by Connecting Amazon Q to the Orca MCP Server
When we first announced the Orca MCP Server, we showed some examples with Claude and with Cursor. In this blog,...
Cloud Security Insights
2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption
Today, we’re excited to release the 2025 State of Cloud Security Report, which reveals deep insights uncovered by the Orca...
Research
CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath
In late April 2025, SAP disclosed CVE-2025-31324, a critical vulnerability in SAP NetWeaver’s Visual Composer development server. The flaw—stemming from...
Research
Bringing Memory to AI: A Look at A2A and MCP-like Technologies Across Platforms
Over the last year, we've witnessed a pivotal shift in how large language models (LLMs) are used - not just...
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.