sagitz
@sagitz_
Cloud Security Researcher at @wiz_io • Microsoft Most Valuable Researcher 21/22/23 • Black Hat Speaker
We found a Remote Code Execution (RCE) vulnerability in @Ollama - one of the most popular AI inference projects on GitHub. Here is everything you need to know about #Probllama (CVE-2024-37032) 🧵👇
🚨 TraderTraitor: North Korea's cyber "traitor" inside the crypto world. This hacking crew hijacks dev workflows, poisons open-source, and compromises cloud environments — all to steal billions in crypto. Here's how they do it 🧵
We found a new container escape affecting all container runtimes using @NVIDIA GPUs. The crazy part? The exploit is just three lines long 🤯 This is the story of #NVIDIAScape 🧵👇
Something I’m incredibly proud of is finally live. We've launched the Cloud Security Championship: a 12-month series of deep-dive challenges, each crafted by a different top Wiz researcher. The first challenge is up. Go! cloudsecuritychampionship.com
Most points in the AI category at the recent @thezdi Pwn2Own! 🥳
🏆 Wiz Research took 1st place in #Pwn2Own's first-ever AI category, competing against global teams targeting critical AI infrastructure. Huge thanks to our incredible research team! @nirohfeld, @shirtamari, @ronenshh, @benny_isaacs, @sagitz_ & Nir Brakha!
Amazing! Nir Ohfeld (@nirohfeld) Shir Tamari (@shirtamari) of Wiz Research used a External Initialization of Trusted Variables bug to exploit the #NVIDIA Container Toolkit. This unique bug earns them $30,000 and 3 Master of Pwn points.
Double whammy! Nir Ohfeld (@nirohfeld) Shir Tamari (@shirtamari) of Wiz Research kick off their Day 3 with an exploit of the NVIDIA Container Toolkit. They weren't confident, the their exploit hit on the first try. Off to the disclosure room with them. #Pwn2Own
Marvelous! Benny Isaacs, Nir Brakha, Sagi Tzadik (@sagitz_) of Wiz Research successfully popped Redis in the AI category. They head off to see if they are the second full win for AI in #Pwn2Own history. #P2OBerlin
Game changer 🥁🙈
Introducing Multiverse: the first AI-generated multiplayer game. Multiplayer was the missing piece in AI-generated worlds — now it’s here. Players can interact and shape a shared AI-simulated world, in real-time. Training and research cost < $1.5K. Run it on your own PC. We…
I had a lot of fun working on this research! * Unauthenticated RCE? ✅ * Overlooked attack vector in Kubernetes? ✅ * Nginx quirks? ✅ * Stable & reliable exploit? ✅ Check out the thread for details about the vulnerability we found in Ingress Nginx Controller 👇
We (+@sagitz_ @ronenshh @hillai) found a series of unauthenticated RCEs in core @KubernetesIO project "Ingress-NGINX". The impact? From zero permissions ➡️ to complete cluster takeover 🤯 This is the story of #IngressNightmare 🧵⬇️
#IngressNightmare: Wiz Research uncovers a critical vulnerability in Ingress-NGINX 🚨 Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.
Wiz ❤️ Google Today we are announcing Google’s agreement to acquire Wiz. Is it major news? Absolutely. Does it change our focus? Nope. We will only gain velocity on our mission to empower organizations to adopt AI and cloud securely. 🧵
🚀 We're excited to share our brand-new paper! Introducing “Superscopes”—an effective new method to uncover hidden meanings from an LLM's thinking process! Superscopes amplifies subtle internal features in LLMs, revealing weak yet meaningful features that previous methods…
1/ 🚨Recently, our research team found CVE-2025-25182, A critical security finding in Government Communications Headquarters (GCHQ), the UK's intelligence and security agency, maintained project, Stroom.
ICYMI, #Pwn2Own will have an AI category this year! Looks like our team has already pwned 2 of these targets👀 Ollama CVE-2024-37032: wiz.io/blog/probllama… NVIDIA Container Toolkit CVE-2024-0132: wiz.io/blog/nvidia-ai… Maybe we should look at the rest of the targets too😎
Announcing #Pwn2Own Berlin! We're moving our enterprise-focused event to @offensive_con and introducing an AI category. More than $1,000,000 in cash & prizes (Incl. a Tesla) are available to win. Check out the details at zerodayinitiative.com/blog/2025/2/24…
A couple of months ago, we at @wiz_io discovered a container escape vulnerability in the NVIDIA Container Toolkit, which impacts many cloud and AI SaaS providers. We're finally able to share the technical details. wiz.io/blog/nvidia-ai…
BREAKING: Internal #DeepSeek database publicly exposed 🚨 Wiz Research has discovered "DeepLeak" - a publicly accessible ClickHouse database belonging to DeepSeek, exposing highly sensitive information, including secret keys, plain-text chat messages, backend details, and logs.
🚨CVE ALERT! While working with Nuclei @wiz_io, I discovered CVE-2024-43405, a vulnerability that bypasses template signature verification, potentially allowing malicious code execution on machines running Nuclei 🛡️ Here’s what you need to know: 🧵
EC2s can have more than one IAM role, and there are more magic IPs on AWS for getting creds beyond 169.254.169.254. Learn more: wiz.io/blog/the-many-…
I was looking into how organizations deploy Spring Boot Actuator in the cloud and found 1 in 4 exposed Actuators had security flaws leading to data leaks or RCE. These risks are more common than you'd think..⚠️