Aqua News

Contact Aqua PR

Researchers unveil AWS vulnerabilities, ‘shadow resource’ vector

August 7, 2024

During a Black Hat USA 2024 session, Aqua Security researchers demonstrated how they discovered six cloud vulnerabilities in AWS services and a new attack vector. 

Read more

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

August 3, 2024

The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers. 

Read more

Aqua logo

Aqua Security Chosen by 10 of the top North American Banks for Cloud Native Application Protection

July 11, 2024

BOSTON—July 11, 2024 — Aqua Security, the pioneer in cloud native security, today announced that 10 of North America’s largest and most influential banks have chosen its cloud native application protection platform (CNAPP), the Aqua Platform, to prevent attacks in the software supply chain and stop attacks as they happen in real time in production. With Aqua, customers …

Read more

Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service

July 8, 2024

The disclosure comes as cloud security firm Aqua discovered that sensitive information such as access tokens and passwords once hard-coded could remain permanently exposed even after removal from Git-based source code management (SCM) systems. 

Read more

A guide to supply chain security tools

July 8, 2024

Aqua Security is featured in a list of tools to help secure software supply chains, along with a brief description of their offerings. 

Read more

In the Wake of Breaches, How and Why Cloud Security Must Change

July 1, 2024

In this episode of DOS Won’t Hunt, Tsvi Korren, field CTO, Aqua Security joins thought leaders and Shane Snider, senior writer, InformationWeek to discuss ways cloud security must evolve.

Read more

‘Phantom’ Source Code Secrets Haunt Major Organization

June 27, 2024

Underlying processes within Git-based Source Code Management systems (SCMs) cause code to remain accessible even after being deleted or overwritten, continuing to expose previously leaked secrets, new Aqua Security research shows. 

Read more

Enterprise secrets leaked in code management systems

June 26, 2024

By scanning the most popular 100 organizations on Github, which collectively includes more than 50,000 publicly accessible repositories, Aqua researchers found active secrets from open source organizations and enterprises such as Cisco and Mozilla providing access to sensitive data and software. 

Read more