Research Pod

The ‘Google Cloud Platform Storage Explorer’ tool crawls all of your Google Cloud projects and detects which have access to...

The Orca Security Research Pod has been actively tracking cyber attacks leading up to and occurring as part of Russia’s...

A new critical Linux privilege escalation vulnerability was published under the ID CVE-2022-0847, named “Dirty Pipe.”

AutoWarp is a critical vulnerability in Microsoft Azure Automation Service that allows unauthorized access to other customer accounts using the...

How a malicious actor can conduct lateral movement in Google Cloud across compute engine instances using the default service account.

Analyzing customer environments is always a detective task, and when we find structural flaws in a service provider, this is...

Orca Security, as part of an ongoing research effort, discovered a vulnerability in the Databricks platform, and Databricks took swift...

A new critical Linux local privilege escalation vulnerability, found on Polkit's pkexec utility, was published and assigned CVE-2021-4034.

On Jan. 11, 2022, an HTTP Protocol stack remote code execution security vulnerability was identified. Microsoft assigned the CVE 2022-21907...