The Leader in Cloud Security Research

A stylized graphic showing the number 10 covered by approaching clouds

10 Most Popular AI Models of 2025

According to Gartner, worldwide spending on generative AI is set to reach $644 billion (USD) in 2025, a nearly 77% year-over-year increase. That level of investment underscores the growing importance of AI to modern business strategy. Yet capturing real value from AI requires more than enthusiasm and budget—it demands a clear understanding of the underlying …

August 18, 2025
By Bar Kaduri & others

Latest

‘Orca Watch’ Series
New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771
- July 22, 2025
Research
Azure Machine Learning Escalation: When Pipelines Go Off the Rails
- July 02, 2025
Research Reports
2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption
- June 05, 2025
Research
CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath
- May 21, 2025

All Latest

Explore

Discovered Vulnerabilities

A stylized image of a sea captain navigating a ship during rough waters

Kubernetes CRD Abstraction Risks in kro

Executive Summary: What is kro? Kube Resource Orchestrator (kro, pronounced “crow”) is an alpha experimental open-source project maintained by AWS, Google Cloud and Azure. Kro helps users create application stacks through dynamic construction of Custom Resources. It introduces a native way to manage any group of Kubernetes resources as a single unit, which may encourage …

May 13, 2025
By Roi Nisimi

IngressNightmare Ingress NGINX Vulnerabilities

‘IngressNightmare’: Critical Vulnerabilities in Ingress NGINX Controller Allow Unauthenticated Remote Code Execution

March 25, 2025

Oracle Cloud Breach Exploiting CVE-2021-35587: How to Protect Your Organization

March 22, 2025

GitHub Action Compromised: tj-actions/changed-files Malicious Commit

March 17, 2025

Security Briefing: Apache Struts Vulnerability CVE-2024-53677

December 19, 2024

All Discovered Vulnerabilities

In the News

All In the News

10 Most Popular AI Models of 2025

Latest

New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771

Azure Machine Learning Escalation: When Pipelines Go Off the Rails

2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption

CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath

Explore

Discovered Vulnerabilities

Kubernetes CRD Abstraction Risks in kro

‘IngressNightmare’: Critical Vulnerabilities in Ingress NGINX Controller Allow Unauthenticated Remote Code Execution

Oracle Cloud Breach Exploiting CVE-2021-35587: How to Protect Your Organization

GitHub Action Compromised: tj-actions/changed-files Malicious Commit

Security Briefing: Apache Struts Vulnerability CVE-2024-53677

‘Orca Watch’ Series

New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771

Security Briefing: Apache Struts Vulnerability CVE-2024-53677

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

How to Remediate CrowdStrike Falcon Windows Outages with Orca

Technical Deep Dives

Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Meet AI Goat: The First Open Source AI Security Learning Environment Based on the OWASP Top 10 ML Risks

The Five Most Common AI Model Risks and How to Prevent Them

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Thought Leadership

10 Most Popular AI Models of 2025

Bringing Memory to AI: A Look at A2A and MCP-like Technologies Across Platforms

In the News

The 10 Hottest Cybersecurity Tools And Products Of 2025 (So Far)

From ’Shadow AI’ To Agentic Anarchy, AI-SPM Is Key To Visibility: Experts

Cloud security faces mounting threats, Orca warns

2025 State of Cloud Security Report: Hunting threats in the age of relentless risk

Featured

10 Most Popular AI Models of 2025

Latest

New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771

Azure Machine Learning Escalation: When Pipelines Go Off the Rails

2025 State of Cloud Security Report: Cloud Risks Surge Amid Expanding AI Adoption

CVE-2025-31324 Exploited in the Wild: What We’ve Found in the Aftermath

Discovered Vulnerabilities

Kubernetes CRD Abstraction Risks in kro

‘IngressNightmare’: Critical Vulnerabilities in Ingress NGINX Controller Allow Unauthenticated Remote Code Execution

Oracle Cloud Breach Exploiting CVE-2021-35587: How to Protect Your Organization

GitHub Action Compromised: tj-actions/changed-files Malicious Commit

Security Briefing: Apache Struts Vulnerability CVE-2024-53677

‘Orca Watch’ Series

New ‘ToolShell’ Exploit Chain Targets SharePoint Servers via CVE-2025-53770 and CVE-2025-53771

Security Briefing: Apache Struts Vulnerability CVE-2024-53677

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

How to Remediate CrowdStrike Falcon Windows Outages with Orca

Technical Deep Dives

Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Meet AI Goat: The First Open Source AI Security Learning Environment Based on the OWASP Top 10 ML Risks

The Five Most Common AI Model Risks and How to Prevent Them

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Thought Leadership

10 Most Popular AI Models of 2025

Bringing Memory to AI: A Look at A2A and MCP-like Technologies Across Platforms

The 10 Hottest Cybersecurity Tools And Products Of 2025 (So Far)

From ’Shadow AI’ To Agentic Anarchy, AI-SPM Is Key To Visibility: Experts

Cloud security faces mounting threats, Orca warns

2025 State of Cloud Security Report: Hunting threats in the age of relentless risk