Dark Mode is now live across the Upwind console for all users, giving security teams greater control over how they experience the platform so they can work more comfortably, stay focused longer, and adapt the interface to their environment, without changing workflows, data, or collaboration. Security work doesn’t happen in neat, predictable blocks of time. […]

Executive Summary: The Three-Headed Mystery Shai-Hulud 3.0, the sandworm, is back. But is it a new monster, or just the same old worm with a new trick? The security community is currently buzzing about rumors of “Shai-Hulud 3.0.” Reports suggest the sandworm has returned and panic levels are high. But when we look at the […]

We’re excited to announce that ISO/IEC 27001 and ISO/IEC 27002 frameworks are generally available across the Upwind platform. This release enables organizations to apply globally recognized information security standards more effectively within modern cloud environments, without sacrificing the governance rigor they are designed to provide. As cloud environments continue to grow in scale and complexity, […]

Executive Summary CVE-2025-68664 is a critical serialization injection vulnerability in LangChain that affects how data is serialized using dumps() and dumpd(), and later reconstructed using load() and loads(). The issue stems from a failure to properly escape user-controlled dictionaries that contain the reserved lc key. Because this key is used internally by LangChain to represent […]

Executive Summary A critical unauthenticated vulnerability (CVE-2025-14847) has been identified in MongoDB Server, affecting how the database processes zlib-compressed network traffic. Under specific conditions, a remote attacker can trigger MongoDB to return uninitialized heap memory as part of a server response. Because this data originates from process memory, it may contain fragments of previously handled […]

Today, we’re excited to announce expanded configuration override settings, a new set of capabilities that give teams greater control over how configuration risk is prioritized. With support for rule-level severity overrides and in-platform commenting, teams can now apply context and collaborate directly where risk decisions are made. Earlier this year, we introduced Upwind’s Open Source Security model, along […]

In the past decade, the cloud revolution evolved into a major movement – one that introduced a new and complex attack surface. Attackers are increasingly targeting public cloud environments, leveraging misconfigurations and native cloud features to gain initial access, establish persistence, and achieve their malicious objectives. In this article, we dive into attack vectors in […]

Today, we’re excited to announce the general availability of Upwind’s new End of Life (EOL)  and End of Support (EOS) Visibility, now accessible to all customers and POCs. This feature brings clarity to lifecycle risk across cloud environments and represents a meaningful advancement in strengthening operational resilience. Importantly, this capability was shaped directly by customer […]

Today, we’re excited to introduce GitLab Automated Repository Scanning, a major upgrade to Upwind’s Shift-Left security capabilities that brings automatic, real-time scanning directly into the GitLab merge request workflows. With this new capability, every merge request across all your GitLab repositories is scanned the moment it’s opened, without requiring developers to modify CI/CD pipelines or […]

Artificial intelligence is rapidly becoming embedded in core engineering workflows. Organizations are integrating LLMs into customer-facing applications, code generation pipelines, triage automation, and even parts of their CI/CD and cloud-management ecosystems. But the moment AI crossed into production, a new reality emerged: AI vulnerabilities behave fundamentally differently from traditional software vulnerabilities. They don’t follow the […]