After hackerbot-claw, another AI-powered campaign exploiting pull_request_target confirms the threat is here to stay. We trace the attacker back to three weeks before anyone noticed.
A compromised axios maintainer account led to malicious npm releases that propagated across environments. Learn how to assess impact, detect compromise, and secure your development workflows.
How TeamPCP are leveraging stolen secrets from the recent supply chain attacks to compromise cloud environments
Accelerate your SecOps team with the Blue Agent for threat investigation, now Generally Available
Verified by Microsoft. Built for Azure. Secured by Wiz.
Accelerate your path to Zero Criticals with AI that investigates, assigns, and guides cloud remediation for you
Orchestrate customizable workflows with agents, enabling end-to-end discovery and response in Wiz
LiteLLM is the latest victim of TeamPCP’s open-source attack spree. Malicious versions 1.82.7 and 1.82.8 abuse Python’s .pth mechanism for stealthy persistence. The malware exfiltrates cloud credentials, CI/CD secrets, and keys to attacker-controlled domains.
Checkmarx KICS scanner is the latest victim of a credential-stealing supply chain attack by TeamPCP. Between 12:58–16:50 UTC on March 23, 35 tags were hijacked. Learn how to audit your workflows, identify malicious activity, and secure your GitHub Actions.
Red Agent is an AI-powered, context-aware attacker that uncovers complex exploitable risks across your entire attack surface, continuously and at scale.
Secure every layer of AI applications — infrastructure, data, access, models, agents, and applications — from code to runtime, across every environment you build in.
A new security operating model powered by AI agents that removes bottlenecks and enables teams to act at the speed of AI
Understanding and detecting AI-driven behavior across model, workload, and cloud
On March 19, 2026, threat actors injected credential-stealing malware into Aqua Security’s Trivy scanner and related GitHub Actions. Learn how "TeamPCP" executed this breach and how to audit your environment.
This post will look at the past 20 years of cloud security research, separating the two decades into eras with important milestones defined that resulted in the change of one era to the next.
Bienvenue dans une nouvelle ère de la sécurité du cloud et de l'IA.
Identify real AI risk by connecting signals in context across the layers of AI applications.
Experience full Wiz security with zero friction, managing multiple tenants in a single console
In the final part of our series, we explore Reactive Risk Management. Discover how Wiz for U.S. Government transforms cloud detection and response to help satisfy FedRAMP Rev 5 IR controls and FedRAMP 20x detection benchmarks.
Strengthening secure cloud modernization for Spain’s public sector through CPSTIC certification.
AI applications span models, agents, and cloud environments in ways traditional security tools weren’t designed to understand. Here’s why visibility breaks — and how a new, implementation-agnostic approach helps teams safely adopt AI.
In the third part of our series, we explore Preventative Risk Management. We discuss how shifting security into the development lifecycle helps organizations meet FedRAMP requirements.
Bring Wiz cloud security insights into your Notion workspace with Custom Agents — enabling automated reporting, investigation, and security workflows where teams already work.
Wiz has been recognized in the 2026 Latio Application Security Report. Wiz was spotlighted and awarded four distinct badges, reflecting our continuous commitment to protecting applications all the way from code to runtime.
Coordinated Multi-Agent Investigation and Remediation
