Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames
Microsoft Azure offers a diverse range of services that empower organizations with convenient and scalable cloud infrastructure solutions. However, even...
Microsoft Azure offers a diverse range of services that empower organizations with convenient and scalable cloud infrastructure solutions. However, even...
In recent years, supply chain attacks targeting software developers and suppliers have become increasingly common. The primary objective of these...
Today, at BlueHat IL 2023, we proudly announced our discovery of a new vulnerability in Azure, which we've dubbed 'Super...
As we approach the middle of 2023, we thought it an appropriate time to reflect on the cloud security risks...
The Orca Research Pod has discovered CosMiss, a vulnerability in Microsoft Azure Cosmos DB where authentication checks were missing from...
The Orca Research Pod has discovered FabriXss, a vulnerability in Azure Service Fabric Explorer
Orca Security has released the 2022 State of the Public Cloud Security report, which provides crucial insights into the current...
The story of a simple race condition leading to a local privilege escalation vulnerability in Azure Synapse Analytics
Check out this Orca Security article that outlines infrastructure as code (IaC) security risks and offers recommended methods for protecting...
Recently, the Orca Security research team discovered SynLapse, a tenant separation violation vulnerability in the Microsoft Azure Synapse environment.
A threat actor recently hacked a popular PyPi repo on GitHub, setting off a supply chain attack that could have...
This security advisory addresses a tenant separation issue in the Microsoft Azure Synapse service.
Protestware malicious code found in NPM package node-ipc in Russia / Belarus, overwriting entire file systems with heart emojis to...