Report
2025 State of Cloud Security Report
In-Depth Research 2025 State of Cloud Security Report Hunting threats in the age of relentless risk Get the Report Billions...
Research
Research
CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath
In late April 2025, SAP disclosed CVE-2025-31324, a critical vulnerability in SAP NetWeaver’s Visual Composer development server. The flaw—stemming from...
Research
Bringing Memory to AI: A Look at A2A and MCP-like Technologies Across Platforms
Over the last year, we've witnessed a pivotal shift in how large language models (LLMs) are used - not just...
Discovered Vulnerabilities
Kubernetes CRD Abstraction Risks in kro
Executive Summary: The Orca Research Pod has discovered CVE-2025-48710 in kro (Kube Resource Orchestrator) where an attacker could introduce a malicious CustomResourceDefinition...
Cloud Security Insights
CVE is Not Dead, Yet: MITRE CVE Program Status in 2025
Yesterday, MITRE executives announced that the MITRE CVE database may go dark due to a funding gap starting from today,...
Orca Platform
Innovating with GenAI to Put Cloud Telemetry at Your Fingertips: Powered by Model Context Protocol, created by Anthropic, and Orca
Generative AI is fundamentally changing how we work, expanding human creativity and optimizing productivity across the search-summarize-synthesize workflow we use...
Discovered Vulnerabilities
‘IngressNightmare’: Critical Vulnerabilities in Ingress NGINX Controller Allow Unauthenticated Remote Code Execution
On March 24th, 2025, Wiz’s research team published information on five vulnerabilities in the Ingress NGINX Controller for Kubernetes (ingress-nginx)...
Discovered Vulnerabilities
Oracle Cloud Breach Exploiting CVE-2021-35587: How to Protect Your Organization
Read about the Oracle Cloud Breach Exploiting CVE-2021-35587 and learn how to protect your organization.
Discovered Vulnerabilities
GitHub Action Compromised: tj-actions/changed-files Malicious Commit
Over the past weekend, security researchers discovered that the popular GitHub Action tj-actions/changed-files has been compromised. Malicious code added to...