Live

Intelligence Feed

Latest threat intelligence articles from trusted security sources, auto-processed to extract entities, IoCs, and TTPs.

Filtered by source: wiz Clear filter
AI Threat Readiness Pillar 4: Detect and contain threats in real-time

2h ago · wiz

The article discusses the evolving threat landscape in the AI era, emphasizing the need for real-time detection and containment of threats that leverage AI-driven techniques such as prompt injection, supply chain abuse, and exploitation of cloud-native AI services. Traditional detection methods are insufficient due to limited visibility, high false positive rates, and slow manual response times. Wiz addresses these challenges by providing comprehensive telemetry across cloud, workload, identity, and AI model layers, enabling automated investigation with the Blue Agent and rapid containment via orchestrated workflows.

How AI Is Rewriting the SecOps Playbook

2h ago · wiz

AI is transforming both offensive and defensive cybersecurity operations by accelerating software development and exploit creation. Attackers are leveraging AI to shorten exploitation timelines, challenging the traditional assumption that defenders have time to respond. Defenders can gain an advantage by using AI to maintain continuous, context-rich understanding of their environments across cloud, workload, and model layers, enabling faster and more accurate incident response.

Uncovering Hidden Attack Paths in Cloud Environments Using Runtime Signals

2h ago · wiz

Wiz introduces runtime signals in its Security Graph to uncover hidden attack paths in cloud environments by correlating live network connections with existing risk findings. This new capability reveals previously invisible threats, such as internet-facing AI chatbots with vulnerabilities that actively connect to external MCP servers or sensitive data stores. By integrating real-time telemetry from workloads, Wiz identifies complete, validated attack paths—like a vulnerable container with a live connection to an S3 bucket containing PII—enabling security teams to prioritize and remediate critical risks before exploitation.

MCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code Extension

2h ago · wiz

Wiz Research discovered a high-severity vulnerability (CVE-2026-12957) in the Amazon Q Developer Extension for VS Code that allowed arbitrary code execution and cloud credential theft when a developer opened a malicious repository. The vulnerability stemmed from the extension automatically loading and executing MCP server configurations from workspace files without user consent. Combined with full environment inheritance, this enabled immediate execution of malicious commands with access to cloud credentials, posing a significant risk to developers and cloud environments.

2 IoCs
The Red Agent POV: Exploiting Broken Object-Level Authorization in an Airline GraphQL API

2h ago · wiz

The Red Agent, an autonomous AI-powered security testing tool, discovered a critical Broken Object-Level Authorization (BOLA) vulnerability in an airline's public GraphQL booking API. By exploiting sequential integer identifiers without backend authorization checks, the agent gained unauthenticated access to sensitive passenger data, including personal information, contact details, billing addresses, and active flight itineraries. The vulnerability allowed full read and write capabilities, enabling data exfiltration and unauthorized modifications to bookings, demonstrating a systemic authorization flaw in the API's resolver layer.

1 IoCs
The Borderless Attack Surface: Securing Public Sector Hybrid Environments

2h ago · wiz

The article discusses the growing complexity of securing hybrid cloud environments within the U.S. public sector, where interconnected systems expand the attack surface. It highlights how traditional, siloed security tools fail to provide context-aware risk assessment, leading to inefficient remediation. Wiz Exposure Management (Wiz XM) is presented as a solution that unifies on-premises and cloud telemetry to prioritize real, exploitable risks by correlating vulnerabilities with network exposure and mission impact.

Bridging the Visibility Gap: A Unified Security Operating Model for Hybrid Cloud Teams

2h ago · wiz

The article discusses Wiz's expansion of its security platform to support hybrid cloud environments, introducing the Sensor Workload Scanner (WLS) for on-premise infrastructure. It emphasizes unified risk visibility across cloud and on-premise systems, enabling security teams to detect attack paths such as exposed credentials and vulnerable workloads. The solution integrates runtime threat detection, attack surface management, and automated remediation to prioritize real, exploitable risks over isolated vulnerabilities.

Start Secure in the AI Era: Accelerating AI Threat Readiness with WizOS

2h ago · wiz

The article discusses the growing threat of AI-driven exploitation, where frontier AI models can autonomously discover vulnerabilities and generate exploits, drastically reducing the window for response. It emphasizes the importance of minimizing attack surface and improving response times, particularly through the use of hardened container base images. WizOS is introduced as a solution to reduce CVE exposure, mitigate supply chain risks, and accelerate mean time to remediate (MTTR) through automation and integration with AI coding agents.

Breaking Down the White House’s Actions on Post-Quantum Cryptography Readiness

2h ago · wiz

The White House has issued Executive Order 14409 and the OMB released memorandum M-26-15 to accelerate federal agency migration to post-quantum cryptography (PQC) due to emerging threats from quantum computing. The initiative mandates strict timelines for transitioning High Value Assets and High Impact Systems to NIST-approved PQC standards by 2030–2035, with a focus on risk-based prioritization, automation, and cryptographic inventory management. The effort extends to government contractors and critical infrastructure, requiring compliance with PQC standards and integration into cloud modernization efforts to mitigate 'Harvest Now, Decrypt Later' risks.

Build AI Security Agents with Wiz MCP

2h ago · wiz

The article introduces Wiz MCP, a platform enabling AI-driven security workflows by connecting AI assistants and custom agents to the Wiz Security Graph. It allows security teams to automate tasks such as vulnerability triage, threat investigation, and compliance monitoring using trusted context and predefined security skills. The focus is on enhancing AI-powered security operations rather than reporting active cyber threats or adversary activity.