Orca Security

4.4K posts

Orca Security banner
Orca Security

Orca Security

@orcasec

The agentless cloud security pioneer for #AWS, #Azure, #GoogleCloud, #Kubernetes and more.

Portland, OR Katılım Ocak 2019
1.8K Takip Edilen4.8K Takipçiler
Orca Security
Orca Security@orcasec·
RSA and ECC secure most of the internet. A capable enough quantum computer could break both. The real risk isn't years away. Adversaries are harvesting encrypted data now, banking on decrypting it later. We map where that exposure lives in your cloud. orca.security/resources/blog…
Orca Security tweet media
English
0
0
0
41
Orca Security
Orca Security@orcasec·
The 2026 State of AI Security Report is here. Teams are adopting AI faster than they can secure it. Exploits up 250x, agents running unwatched, infrastructure wide open by default. We break it all down here: orca.security/resources/blog…
Orca Security tweet media
English
2
0
2
74
Orca Security
Orca Security@orcasec·
🚨 CVE-2026-48282 (CVSS 10.0): Adobe ColdFusion RCE via path traversal in the RDS FILEIO handler. No auth needed. Attackers can drop a webshell and take the whole server, no login required. Exploited within hours of disclosure. orca.security/resources/blog…
Orca Security tweet media
English
0
0
2
120
Orca Security
Orca Security@orcasec·
Congrats to John Tavares, named to CRN's 2026 Inclusive Channel Leaders list. 🎉 He's spent his time at Orca opening real strategic conversations to diverse-owned partners and mentoring the next gen of channel leaders. Full feature: crn.com/rankings-and-l…
Orca Security tweet media
English
0
0
1
78
Orca Security
Orca Security@orcasec·
Most admission controllers enforce what the policy says. Not what your security platform already knows. Orca's Admission Controller closes that gap: same platform, same data, now enforcing at the gate too. Read how it works: orca.security/resources/blog…
Orca Security tweet media
English
0
0
1
78
Orca Security
Orca Security@orcasec·
🚨 Critical Langflow RCE (CVE-2026-33017, CVSS 9.8) is being actively exploited to deploy cryptominers on AI infrastructure. Patch to v1.9.0+ now. We've got the full breakdown 👇 orca.security/resources/blog…
Orca Security tweet media
English
1
0
1
143
Orca Security
Orca Security@orcasec·
Who needs to read our 2026 State of AI Report? Spoiler: you're going to want to see what we found. The 2026 State of AI Report is coming soon. Pre-order now so it lands straight in your inbox → try.orca.security/26-07-07-RP-St…
GIF
English
0
0
1
70
Orca Security
Orca Security@orcasec·
Text stopped scaling. So we fixed the interface. AI agents now hand back full security investigations, not one-liners. The problem isn't getting the answer anymore. It's reading 200 lines of Markdown. Here's how Orca MCP fixes that 👇 orca.security/resources/blog…
Orca Security tweet media
English
0
0
1
87
Orca Security
Orca Security@orcasec·
@pumpdotco grew a 1,500+ customer base across AWS, GCP & Azure, and kept security airtight the whole way. 🔒 With @orcasec: ⚡ 25% faster detection ⚡ 75% faster remediation ⚡ 50% less time on compliance audits Read the full story 👇 orca.security/resources/case…
Orca Security tweet media
English
0
0
0
51
Orca Security
Orca Security@orcasec·
Heading to #BHUSA? Sit down with our execs Gil Geron, Raf Chiodo, and Avi Shua for a real 1:1 conversation about cloud security, AI, CNAPP, and where the industry is headed. 👉 Book your meeting: try.orca.security/BHUSA2026ExecM…
Orca Security tweet media
English
1
0
1
101
Orca Security
Orca Security@orcasec·
We'll be at Black Hat USA 2026, and we'd love to connect with you August 4–6. Battling AI sprawl, cloud blind spots, or alert fatigue? Come find us at Black Hat at Booth #5115, August 4–6. We'd love to meet you. 👋 Where to find us at #BHUSA: orca.security/resources/blog…
Orca Security tweet media
English
0
0
1
139
Orca Security
Orca Security@orcasec·
Jim Reavis, CEO of Cloud Security Alliance, gives his advice to security leaders on what it takes to stay ahead in the rapidly evolving world of AI. It's a must-watch for any security professional right now. Catch the full on-demand session: try.orca.security/AIonBothSides-…
English
0
0
1
98
Orca Security
Orca Security@orcasec·
The CISO role has never been harder to define, or more important to get right. We asked the sharpest security leaders the questions that actually keep them up at night. Here's what they said. 👇 orca.security/resources/blog…
Orca Security tweet media
English
1
0
1
60
Orca Security
Orca Security@orcasec·
🚨 144 Mastra npm packages just got backdoored via a hijacked contributor account. Runs on install. Steals cloud keys, crypto wallets, CI secrets, browser creds. Installed @mastra/* after June 16? Rotate everything now. Full breakdown: orca.security/resources/blog…
Orca Security tweet media
English
1
0
1
94
Orca Security
Orca Security@orcasec·
🚀 Big news: Orca Security's Runtime AI Security is now Generally Available. Full visibility across your entire AI environment, built into the Orca Platform. No blind spots. No guesswork. 👉 Learn more: orca.security/platform/ai-se…
English
0
0
0
70
Orca Security
Orca Security@orcasec·
Patching nginx isn't enough if the same flaw lives in a fork nobody's watching. We found 1.45 million Tengine servers exposed to two critical unpatched vulnerabilities. One HTTP request. No login needed. Full research 👇 orca.security/resources/blog…
Orca Security tweet media
English
0
1
2
99
Orca Security
Orca Security@orcasec·
At Zenith Live Vienna this week? Find us at booth S3! 👋 The Orca Pod is here all week to talk cloud security, answer your hardest questions, and map out what's next for you. Swing by. Let's connect. ☁️🔒 #ZL26 #ZenithLive #CloudSecurity
Orca Security tweet media
English
0
0
1
65
Orca Security
Orca Security@orcasec·
🚨 CRITICAL: Splunk Enterprise CVE-2026-20253 (CVSS 9.8) 4 vulnerabilities disclosed, including unauthenticated file creation/truncation and RCE. No credentials, no interaction, just network access. Patch immediately. Full breakdown 👇 orca.security/resources/blog…
Orca Security tweet media
English
0
0
1
185
Orca Security
Orca Security@orcasec·
🚨 CRITICAL: PhpSpreadsheet CVE-2026-45034 (CVSS 9.8) The previous patch for CVE-2026-34084 was bypassed. Attackers can achieve full RCE with no authentication, and a public PoC is already out. Patch to 1.30.5 now 👇 orca.security/resources/blog…
Orca Security tweet media
English
0
0
7
629
Orca Security
Orca Security@orcasec·
🚨 CRITICAL: Langflow CVE-2026-5027 (CVSS 8.8) Unauthenticated attackers can achieve full RCE with a single request, no credentials needed. ~7,000 instances are publicly exposed and active exploitation is confirmed. Patch to 1.10.0 now. Full breakdown 👇 orca.security/resources/blog…
Orca Security tweet media
English
0
0
2
88