sagitz (@sagitz_)'s Twitter Profile

Cloud Security Researcher at @wiz_io • Microsoft Most Valuable Researcher 21/22/23 • Black Hat Speaker

ID: 1111801943310127105

30-03-2019 01:26:54

224 Tweet

4,4K Followers

799 Following

Ronen Shustin (@ronenshh)

A couple of months ago, we at Wiz discovered a container escape vulnerability in the NVIDIA Container Toolkit, which impacts many cloud and AI SaaS providers. We're finally able to share the technical details. wiz.io/blog/nvidia-ai…

sagitz (@sagitz_)

ICYMI, #Pwn2Own will have an AI category this year! Looks like our team has already pwned 2 of these targets👀 Ollama CVE-2024-37032: wiz.io/blog/probllama… NVIDIA Container Toolkit CVE-2024-0132: wiz.io/blog/nvidia-ai… Maybe we should look at the rest of the targets too😎

liad eliyahu (@liadeliyahu)

1/ 🚨Recently, our research team found CVE-2025-25182, A critical security finding in Government Communications Headquarters (GCHQ), the UK's intelligence and security agency, maintained project, Stroom.

Jonathan Jacobi (@j0nathanj)

🚀 We're excited to share our brand-new paper! Introducing “Superscopes”—an effective new method to uncover hidden meanings from an LLM's thinking process! Superscopes amplifies subtle internal features in LLMs, revealing weak yet meaningful features that previous methods

Wiz (@wiz_io)

Wiz ❤️ Google. Today we are announcing Google’s agreement to acquire Wiz. Is it major news? Absolutely. Does it change our focus? Nope. We will only gain velocity on our mission to empower organizations to adopt AI and cloud securely. 🧵

Wiz (@wiz_io)

#IngressNightmare: Wiz Research uncovers a critical vulnerability in Ingress-NGINX 🚨 Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.

sagitz (@sagitz_)

I had a lot of fun working on this research!

* Unauthenticated RCE? ✅
* Overlooked attack vector in Kubernetes? ✅
* Nginx quirks? ✅
* Stable & reliable exploit? ✅

Check out the thread for details about the vulnerability we found in Ingress Nginx Controller 👇

Trend Zero Day Initiative (@thezdi)

Marvelous! Benny Isaacs, Nir Brakha, Sagi Tzadik (sagitz) of Wiz Research successfully popped Redis in the AI category. They head off to see if they are the second full win for AI in #Pwn2Own history. #P2OBerlin

Trend Zero Day Initiative (@thezdi)

Double whammy! Nir Ohfeld (Nir Ohfeld) Shir Tamari (Shir) of Wiz Research kick off their Day 3 with an exploit of the NVIDIA Container Toolkit. They weren't confident, but their exploit hit on the first try. Off to the disclosure room with them. #Pwn2Own

Trend Zero Day Initiative (@thezdi)

Amazing! Nir Ohfeld (Nir Ohfeld) Shir Tamari (Shir) of Wiz Research used an External Initialization of Trusted Variables bug to exploit the #NVIDIA Container Toolkit. This unique bug earns them $30,000 and 3 Master of Pwn points.

Nir Ohfeld (@nirohfeld)

Something I’m incredibly proud of is finally live. We've launched the Cloud Security Championship: a 12-month series of deep-dive challenges, each crafted by a different top Wiz researcher. The first challenge is up. Go! cloudsecuritychampionship.com

Nir Ohfeld (@nirohfeld)

We found a new container escape affecting all container runtimes using @NVIDIA GPUs. The crazy part? The exploit is just three lines long 🤯 This is the story of #NVIDIAScape 🧵👇

Wiz (@wiz_io)

🚨 TraderTraitor: North Korea's cyber "traitor" inside the crypto world. This hacking crew hijacks dev workflows, poisons open-source, and compromises cloud environments — all to steal billions in crypto. Here's how they do it 🧵

Nagli (@galnagli)

I hacked a popular vibe coding platform with a simple, straight-forward logic flaw - allowing access to private applications. Here’s how I did it 🧵

Wiz (@wiz_io)

🏆 Can you escape a container & become THE ULTIMATE CLOUD SECURITY CHAMPION? This month's scenario was crafted by sagitz to explore container escape techniques, the same kind of risks we'll be diving into at Black Hat! Challenge #2 👉 cloudsecuritychampionship.com/challenge/2

sagitz (@sagitz_)

Are you up for a challenge? I authored a container security challenge for the Wiz Ultimate Cloud Security Championship 🤩 Put your skills to the test and try it out! 👇 cloudsecuritychampionship.com/challenge/2

Nir Ohfeld (@nirohfeld)

When we asked sagitz to create a container escape challenge, we honestly didn't believe he'd go this far 😲 The result is a really cool challenge that requires lots of creativity and solid technical skills. Think you got what it takes? 💫 cloudsecuritychampionship.com/challenge/2
