🚨 We found a critical vulnerability in the popular Vibe Coding Platform @base_44: No password. No invite. Full access.

🎉 200 WIN INTEGRATIONS? LET'S GOOOO! 💥.This milestone?.It's ALL YOU, our amazing community, customers, and partners who made it happen. 💙. Thank you, @Nasdaq, for your support and recognition. Let's keep the 'WIN's coming. 🏆.

RT @galnagli: I hacked a popular vibe coding platform with a simple, straight-forward logic flaw - allowing access to private applications….

The bigger story>> .As AI dev explodes, it's now core infrastructure, shared risks mean shared responsibility (and impact) if security's skipped. 🧠 Full breakdown →

Enterprises could have had their internal tools, AI chatbots, and private proprietary information exposed with a simple-to-exploit logic flaw. Our team responsibly disclosed the issue, and it was fixed by Base44 & Wix in under 24 hours.

Wiz Research just found a critical vulnerability in the popular vibe coding platform @base_44, recently acquired by Wix, that could have allowed anyone to access private applications.

🪝 Lures: Fake recruiters, coding challenges, even job platforms .💰 Hits: $308M from DMM Bitcoin, $1.5B from Bybit 🔁 Angle: Cloud-native compromise—from npm to S3 . Wiz Research breaks it down + shares IOCs:

🚨 TraderTraitor: North Korea's cyber "traitor" inside the crypto world. This hacking crew hijacks dev workflows, poisons open-source, and compromises cloud environments — all to steal billions in crypto. Here's how they do it 🧵

🚨 New research: A cryptomining campaign is hijacking exposed PostgreSQL, hiding payloads in fake 404 pages, and abusing legit infra. Multiplatform, stealthy, and still active 👉

What do CISOs talk about over a cocktail? EVERYTHING.🍸. Ryan sits down for a real talk with Andrew from WestCap. And trust us, the conversation is just as strong as the tequila. You've never seen CISOs like this. Watch now🍹 >>

The Q2 Wiz Rundown is LIVE & loaded with updates you'll *actually* care about. What's new? Here's a taste:.1) WizOS.2) Service Catalog.3) Vuln Treemap View.4) API Security.And more🔥. 👀 Watch the short vid, skip the long release notes 🗒️↓.

🚨 Research update: #ToolShell is back, and it just leveled up. Two new vulnerabilities in Microsoft SharePoint Server, CVE-2025-53770 (RCE) and CVE-2025-53771 (auth bypass), are being actively exploited in the wild. 🔓 Attackers are chaining them to >>.• Bypass authentication

🎩 Meet us at BlackHat 2025!.We are going all in at #BlackHat with CISOtopia, and here's your cheat sheet:. 📍 Booth #1946.🎤 3 killer Wiz talks:.🍸 Happy Hour with @Google & @Docker . See you there:

🚨 #NVIDIAscape: Your AI workloads might not be as safe as you think. Wiz Research uncovered a 3-line container escape vulnerability in the NVIDIA Container Toolkit. That means root access to your models, data, and infra. Full blog 👉

RT @nirohfeld: We found a new container escape affecting all container runtimes using @NVIDIA GPUs. The crazy part?.The exploit is just th….

🛠️ Full technical breakdown + mitigation steps in our latest blog:

🧱 With just three lines of code, attackers can escape containers and gain full root access to the host. That's your models, data, and GPU workloads — exposed. NVIDIA rated it 9.0. We think it's a sign: AI infra needs stronger walls.

🚨 NEW RESEARCH: #NVIDIAscape AI vulnerability uncovered! .Wiz Research discovered a critical vulnerability (CVE-2025-23266) in the NVIDIA Container Toolkit, the glue connecting containers to GPUs across major cloud providers.

The Wiz MCP Server is officially live on the AWS Marketplace AI Agents & Tools storefront!. We're so proud to be a launch partner for this brand new category at the @awscloud NY Summit today.

💡 Eden hosts @sherrod_im, @IssaUrbanGirl & @41thexplorer . Cloud chaos, career confessions & the future of cybersecurity. This one hits different. Listen now:.🍏 🎧 📺