Upwind’s Head of Security Research Moshiko Hassan, MDR Lead Omer Idel, and Head of Marketing Denise Ashur discuss the GitHub Actions supply chain compromise, including how widespread it is and what users should do to mitigate.
Upwind’s Head of Security Research Moshiko Hassan, MDR Lead Omer Idel, and Head of Marketing Denise Ashur discuss the GitHub Actions supply chain compromise, including how widespread it is and what users should do to mitigate.
Modern AI systems, especially large language models (LLMs), are no longer isolated engines responding to static inputs. They’re evolving into intelligent agents, copilots, and autonomous systems that interact with their environment, reason over external data, and adapt in real time. But there’s a fundamental problem: LLMs are powerful, but they don’t know anything outside of […]
On April 16, 2025, a critical remote code execution (RCE) vulnerability in Erlang’s SSH library was publicly disclosed. Tracked as CVE-2025-32433, this vulnerability received the maximum possible CVSS score of 10.0, signaling how severe and exploitable it is, especially in environments relying on Erlang/OTP for SSH access. Overview What is CVE-2025-32433? Discovered by researchers at […]
Kubernetes administrators take note: a critical set of vulnerabilities in the popular ingress-nginx controller—collectively dubbed “IngressNightmare”—could put your entire cluster at risk. In particular, CVE-2025-1974, with a CVSS score of 9.8, allows attackers to take over Kubernetes clusters simply by exploiting the Validating Admission Controller feature. Because ingress-nginx runs in roughly 40% of Kubernetes deployments, […]