All news with #wiz tag

🛡️ The rapid rise of AI-assisted and vibe coding is accelerating secrets sprawl, with developers and AI agents increasingly introducing credentials, tokens, and private data into code and collaboration tools. Security researchers from Wiz and independent analysts found a Jan. 28, 2026 Moltbook backend misconfiguration on Supabase that exposed 1.5 million API authentication tokens, tens of thousands of emails, and private messages. Organizations report that detection is outpacing remediation: many teams can find leaks but lack governance and processes to revoke, rotate, and purge secrets at scale. Experts urge treating the issue as identity governance, embedding security into the SDLC, and enforcing short-lived credentials and automated rotation.

🔒 In this May 2026 Cloud CISO Perspectives entry, Vinod D’Souza and Anthony Belfiore outline how Google and Wiz are combining deep cloud telemetry with advanced AI research to address multicloud security challenges. They emphasize a developer-centric shift that moves remediation into code using tools like Wiz Code and sensors for hybrid Linux, vSphere, and Windows environments. The authors envision agentic SOCs and near real-time defenses that boost analyst efficiency while preserving human-in-the-loop oversight. The collaboration aims to accelerate self-healing infrastructure without compromising availability.

🔒 At Next '26 Francis deSouza framed Google Cloud's direction as preparing enterprises for an agentic future, positioning the platform as AI‑native, open, and secure. He argued that multicloud and multi‑AI are essential for resilience and highlighted AI-driven SOC automation outcomes including a 90% reduction in mitigation time and Triage and Investigation tasks collapsed from 30 minutes to 60 seconds using Gemini. The integration of Wiz was presented as a way to secure self‑hosted and multicloud AI lifecycles, while a new whitepaper and the Gemini Enterprise Agent Platform outline governance, prompt sanitization, and agent identity controls.

🔐 At RSAC 2026, Google Cloud leaders outlined a three-stage AI adoption journey—automate tasks, redesign workflows, and rethink functions—and stressed the need for a bilingual workforce fluent in both domain and AI. They warned that AI expands the attack surface across models, agents, and data, urging multi-model, multicloud resilience and identity-centric defenses. Google highlighted the Secure AI Framework, partnerships to counter supply-chain threats like OpenClaw, and agentic SOC innovations, including the acquisition of Wiz and its AI-Application Protection Platform.

🔒 Google Cloud outlined a coordinated set of AI-driven security advances at RSAC ’26, anchored by the completed acquisition of Wiz and new agentic defense capabilities. The company highlighted Mandiant's M-Trends 2026 findings on rapid adversary operations and published guidance on AI risk and resilience. Previewed offerings include Google Security Operations with autonomous triage agents, dark web intelligence powered by Gemini, and expanded protections across model, data, and network security.

🔐 Google has completed its acquisition of Wiz, which will join Google Cloud while retaining the Wiz brand. The combined offering delivers an AI-powered cloud security platform that unifies visibility across cloud, hybrid, and multicloud environments to prevent, detect, and respond to threats. Customers can expect continued support for AWS, Azure, Oracle, and on-premises systems, along with integrations to Google Threat Intelligence and Mandiant consulting. The acquisition is positioned to accelerate AI-native security capabilities, simplify code-to-cloud defenses, and reduce operational toil for security teams.

🔒 New Kubernetes clusters are probed and often attacked within minutes, with honeypots run by Palo Alto Networks, Wiz and Aqua Security showing initial compromise attempts in roughly twenty minutes and repeated automated scans against container ports. The platform's permissive defaults and complex model make standard cloud controls insufficient. Organizations should adopt Kubernetes-specific controls: harden and automate RBAC, isolate workloads with network and namespace policies, store secrets in dedicated key management services, perform regular audits, and train developers on platform-specific threats and secure CI/CD practices.

🛡️Wiz has built a 257-challenge benchmark suite to evaluate AI agents across five offensive security domains: zero-day discovery, CVE detection, API security, web security, and cloud security. Tests run inside isolated Docker containers with no per-challenge timeouts, use deterministic scoring rubrics, and give each agent three attempts per challenge. The vendor-agnostic framework measures capability rather than throttling, and in Wiz's announcement Claude Code on Claude Opus 4.6 narrowly topped the trials, with Gemini 3 Pro placing second.

🔒 The European Commission has given unconditional approval for Google's $32 billion acquisition of cloud security vendor Wiz, removing a major regulatory hurdle. The clearance lets Google Cloud fold Wiz's multi‑cloud security capabilities into its stack while regulators found no meaningful competition harm. Analysts warn the tie-up could accelerate hyperscaler-led security consolidation, raise long-term lock-in risks, and shift incentives away from cloud neutrality.

⚠️ Developers must immediately upgrade React 19 and affected frameworks such as Next.js after researchers at Wiz disclosed a critical deserialization vulnerability in the React Server Components (RSC) Flight protocol that can enable remote code execution. The flaw exists in default configurations and impacts React 19.0.0, 19.1.0, 19.1.1 and 19.2.0, while Next.js 15.x and 16.x App Router deployments received a related CVE. Upgrade to the latest vendor-recommended releases now and follow the React blog's guidance.

🚨 A maximum-severity remote code execution vulnerability in React Server Components (CVE-2025-55182, CVSS 10.0) allows unauthenticated attackers to execute arbitrary JavaScript by sending crafted payloads to Server Function endpoints. Affected npm packages include react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack in specific 19.x releases; fixes are available in 19.0.1, 19.1.2, and 19.2.1. The issue also impacts Next.js (CVE-2025-66478, CVSS 10.0) across multiple releases and has been patched in a series of 15.x and 16.x updates. Security firm Wiz reports roughly 39% of cloud environments host vulnerable instances; apply patches immediately.

🔍 In his November roundup, ESET Chief Security Evangelist Tony Anscombe highlights major cybersecurity developments that warrant attention. He draws attention to Wiz's finding that API keys, tokens and other sensitive credentials were exposed in repositories at several leading AI companies, and to a joint advisory revealing the Akira ransomware group's estimated $244 million takings. Tony also flags privacy concerns around X's new location feature, outlines how Australia intends to enforce a proposed under‑16 social media ban, and notes a Europol/Eurojust operation that disrupted malware families including Rhadamanthys.

🔒 Cloud security posture management (CSPM) combines threat intelligence, continuous detection, and automated remediation to find and fix cloud misconfigurations that can expose data. Customers—not cloud providers—are responsible for configuring and protecting workloads, so organizations must select CSPM that delivers multicloud visibility, integrated data security, and policy-driven automated remediation. Modern offerings increasingly fold CSPM into broader CNAPP and SSE suites from vendors such as Wiz, Palo Alto Networks, Tenable, and CrowdStrike, making coverage, integration, and operational model critical factors in vendor selection.

🔒 Google Cloud is launching the Google Unified Security Recommended program to validate deep integrations between its security portfolio and third-party vendors. Inaugural partners CrowdStrike, Fortinet, and Wiz bring endpoint, network, and multicloud CNAPP capabilities into Google Security Operations. Partners commit to cross-product technical integration, a collaborative support model, and investment in AI initiatives such as the model context protocol (MCP). Qualified solutions will be available via Google Cloud Marketplace for simplified procurement and consolidated billing.

🔐 New research by cloud security firm Wiz found verified secret leaks in 65% of the Forbes AI 50, with API keys and access tokens exposed on GitHub. Some credentials were tied to vendors such as Hugging Face, Weights & Biases, and LangChain, potentially granting access to private models, training data, and internal details. Nearly half of Wiz’s disclosure attempts failed or received no response. The findings highlight urgent gaps in secret management and DevSecOps practices.

🔒 Researchers at Wiz found that careless developers published Visual Studio extensions to the VSCode Marketplace and OpenVSX containing more than 550 validated secrets across over 500 extensions, including API keys and personal access tokens for providers such as OpenAI, AWS, GitHub, Azure DevOps, and multiple databases. The primary cause was bundled dotfiles (notably .env) and hardcoded credentials in source and config files, with AI-related configs and build manifests also contributing. Microsoft and OpenVSX collaborated with Wiz on coordinated remediation: notifying publishers, adding pre-publication secrets scanning, blocking verified secrets, and prefixing OVSX tokens to reduce abuse.

🚨 A phishing attack against maintainer Josh Junon (qix) led to a widespread compromise of highly popular npm packages, including chalk and debug-js, whose combined footprint exceeds billions of weekly downloads. The attacker pushed malicious updates that attempted to steal cryptocurrency by swapping wallet addresses, but the community discovered and removed the tainted releases within two hours. According to Wiz, the compromised modules reached roughly 10% of cloud environments in that short window, yet the actor ultimately profited only minimally as the injected payload targeted browser crypto-signing and yielded just a few hundred dollars at most.

⚠️ Security researchers warn a supply‑chain attack on npm briefly propagated trojanized versions of widely used packages after the developer account qix was hijacked via social engineering. The malicious updates contained crypto‑stealing payloads that could rewrite wallet recipients in browsers if bundled into frontend builds. Vendor Wiz reports the code was present in about 10% of cloud environments during a two‑hour window, and JFrog says additional accounts, including DuckDB, were impacted. Organizations are advised to blocklist affected versions, rebuild from clean caches, invalidate CDN assets, and hunt for affected bundles and anomalous signing activity.

🔒 In January 2025 Wiz Research discovered a publicly accessible ClickHouse database belonging to Chinese AI firm DeepSeek, exposing over one million log streams that included chat histories and secret keys. The issue was reported and quickly closed, but the event highlights how misconfigurations and human error can expose sensitive data. To reduce risk, organisations should adopt least-privilege access, deploy DLP solutions, classify high-risk data and provide ongoing staff training.

🔒 A sophisticated supply-chain attack targeted the widely used Nx build-system packages on the npm registry, exposing developer credentials and sensitive files. According to a report from Wiz, attackers published malicious Nx versions on August 26, 2025 that harvested GitHub and npm tokens, SSH keys, environment variables and cryptocurrency wallets. The campaign uniquely abused installed AI CLI tools (for example, Claude and Gemini) by passing dangerous permission flags to exfiltrate file-system contents and perform reconnaissance, then uploaded roughly 20,000 files to attacker-controlled public repositories. Organizations should remove affected package versions, rotate exposed credentials and inspect developer workstations and CI/CD pipelines for persistence.