Orca Security

The AI revolution has brought a new class of infrastructure into the mainstream: vector databases. Tools like Weaviate, Milvus, and ChromaDB have become essential building blocks for AI-powered applications from retrieval-augmented generation (RAG) pipelines to semantic search and recommendation engines. But as organizations race to adopt these technologies, a familiar pattern is emerging: security is […] The post The AI Data You Forgot to Lock: How Exposed Vector Databases Put Organizations at Risk appeared first on Orca Security .

Key Takeaways Most cloud security programs were not built for generative AI workloads. The IAM policies, network segmentation rules, and misconfiguration checks that worked for a three-tier web application in 2021 leave serious gaps when the workload is an LLM inference endpoint sitting next to a labeled PII dataset in S3. The attack surface changed. […] The post GenAI Risks in Cloud Environments: What Security Teams Are Actually Missing in 2026 appeared first on Orca Security .

Multi-cloud security protects workloads, identities, and data across multiple public cloud environments while maintaining consistent visibility and security controls. As organizations adopt multi-cloud strategies to improve flexibility and resilience, managing security across different platforms becomes increasingly complex. While the principles discussed in this article apply broadly to multi-cloud environments, AWS, Azure, and Google Cloud Platform […] The post What Is Multi-Cloud Security? appeared first on Orca Security .

Cloud environments move fast, and attackers know it. Traditional security tools built for static infrastructure often fail to detect the complex, multi-stage threats that unfold across cloud workloads, identities, APIs, and containers. Cloud Detection and Response (CDR) was designed to close that visibility gap by providing real-time threat detection, attack correlation, and rapid response capabilities […] The post What Is Cloud Detection and Response (CDR)? appeared first on Orca Security .

Executive Summary A high-impact Linux kernel vulnerability, currently without a verified public CVE or CVSS score, was disclosed affecting kernels prior to commit 31e62c2e. The issue allows a local unprivileged attacker to steal file descriptors from privileged processes during a narrow exit window, potentially exposing root-only files such as SSH host private keys and /etc/shadow. […] The post Linux kernel vulnerability enables local theft of SSH host keys and /etc/shadow appeared first on Orca Security .

A critical vulnerability (CVE-2026-42945, CVSS 9.2) was disclosed affecting NGINX Open Source and NGINX Plus, allowing attackers to reliably trigger denial-of-service (DoS) conditions and potentially achieve remote code execution (RCE) via specially crafted HTTP requests. Due to the potential for widespread disruption across internet-facing applications and ingress infrastructure, immediate patching is strongly recommended. Technical Root […] The post 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated DoS and Potential RCE appeared first on Orca Security .

Material Event filed 2026-05-14

Quarterly Report filed 2026-05-14

The gap between security data and security decisions has never been smaller. Cloud security teams are drowning in the right data. They have asset inventories, vulnerability feeds, compliance scores, CloudTrail logs, attack paths. The problem isn’t data availability. It’s the distance between raw findings and the analysis a practitioner actually needs to act. That gap […] The post Announcing Cloud Security Agent Skills for Orca’s MCP Server appeared first on Orca Security .

Key Takeaways Executive Summary A critical supply chain compromise was disclosed on May 12, 2026, affecting TanStack, Mistral AI, UiPath, and over 160 additional npm and PyPI packages. The attack, attributed to the threat actor group TeamPCP and dubbed “Mini Shai-Hulud,” allows attackers to steal credentials, self-propagate through the npm ecosystem, and potentially wipe developer […] The post TanStack and 160+ npm/PyPI Packages Compromised in Supply Chain Worm Attack appeared first on Orca Security .

Executive Summary A Linux kernel vulnerability chain dubbed Dirty Frag has been disclosed, enabling a low-privileged local user to escalate privileges to root on affected Linux systems. The issue is especially relevant for cloud environments where attackers often gain an initial foothold through compromised credentials, vulnerable applications, CI/CD runners, containers, or exposed administrative services before […] The post Dirty Frag: Linux Kernel Vulnerability Chain Enables Local Privilege Escalation to Root appeared first on Orca Security .