We’re excited to announce that the new “By Finding” view is now live in the Upwind Vulnerability Management module, enabling security teams to triage vulnerabilities faster and more flexibly across their entire cloud environment. As cloud-native infrastructure continues to scale across clusters, container images, packages, and services, security teams need vulnerability management workflows that are […]

Executive Summary CVE-2026-1470 is a critical remote code execution (RCE) vulnerability in the n8n workflow automation platform. The flaw stems from unsafe evaluation of user-supplied workflow expressions, allowing authenticated users to execute arbitrary JavaScript code within the n8n runtime and fully compromise the instance. Exploitation requires low privileges, no user interaction, and impacts all unpatched […]

Two years after coming out of stealth, Upwind has become the unicorn that solves cloud security better than anyone else. Today, we are raising $250M in our Series B funding round, bringing total investment in Upwind to over $430M. This makes Upwind one of the most capitalized companies in the world focused on solving the […]

Cloud infrastructure has become more complex than ever. Environments are bigger, faster, and more interconnected. The explosion of data and the rapid adoption of AI have accelerated that complexity. Security teams are now managing risk in systems that change constantly and operate at unprecedented scale. The tools that got us here cannot take us where […]

I’m proud to share that Upwind has raised $250 million – a strong endorsement of our mission and direction. But this milestone is more than a number. It reflects strong customer confidence in our ability to address evolving AI and cloud security challenges. Today’s attackers leverage AI and autonomous agents to scan, exploit, and evade […]

Cloud security architecture rarely begins with a grand design. More often, it evolves through necessity, one decision at a time, shaped by scale, cost, and the operational realities of modern cloud environments. Looking back, that evolution follows a familiar path. It’s a journey many cloud security engineers have taken, divided into three distinct generations, each […]

We’re excited to announce the general availability of Global Search, enabling a simpler, more efficient way for all Upwind users to tame cloud security complexity. A More Direct Way to Navigate the Platform Security work often involves moving between dashboards, findings, graph views, and configuration workflows. Over time, even well-designed platforms can require more clicks […]

Today, Upwind Security is introducing Scanner Re-Evaluation. Our Scanner Re-Evaluation enables customers to instantly validate configuration fixes on demand, without waiting for scheduled scans. In modern cloud environments where change is constant and speed matters, this capability closes a critical gap between remediation and confidence. Cloud security doesn’t end when a misconfiguration is identified. For […]

Choppy AI is now generally available across the Upwind platform, marking a new chapter in how security teams understand risk, navigate complexity, and take action with confidence, at cloud scale. Cloud security has never been more powerful. At the same time, it’s never been more overwhelming. Modern environments generate enormous volumes of data, signals, and […]

Executive Summary CVE-2026-21858 (Ni8mare) is a critical unauthenticated remote code execution vulnerability in n8n, a widely used workflow automation platform. The flaw is caused by content-type confusion in webhook request handling, allowing attackers to forge uploaded files, read arbitrary local files, forge administrator sessions, and ultimately execute commands on the underlying host. The vulnerability affects […]