Aqua News

Contact Aqua PR

Scores of Redis Servers Infested by Sophisticated Custom-Built Malware

February 3, 2023

Since September 2021, the threat actor has compromised at least 1,200 Redis servers — that thousands of mostly smaller organizations use as a database or a cache — and taken complete control over them. Researchers from Aqua Nautilus, who spotted the campaign when an attack hit one of its honeypots, are tracking the malware as …

Read more

Aqua Security Named as Leader and Outperformer in GigaOm Radar Report for Container Security

January 31, 2023

BOSTON—January 31, 2023—Aqua Security, the leading pure-play cloud native security provider, today announced that it ranked as an Outperformer and Leader in innovation in the GigaOm Radar for Container Security. The report highlights key vendors in container security, defines criteria for evaluating solutions and validates that Aqua is the leader and innovator in cloud native …

Read more

Aqua Security Named Best Cloud Native Security Solution

January 18, 2023

BOSTON— January 18, 2023—Aqua Security, the leading pure-play cloud native security provider, today announced that it has been named the Best Cloud Native Security Solution/Service in Techstrong Group’s DevOps Dozen Awards. Aqua was honored for its innovative Cloud Native Application Protection Platform (CNAPP) and influential commitment to the DevOps and security community. “The term ‘cloud-native …

Read more

How Organizations Should Respond to the CircleCI Security Incident

January 13, 2023

CircleCI is assuming responsibility and taking steps to protect its customers, Assaf Morag, lead data analyst at cloud native security company Aqua Security, notes. But is important for customers to respond proactively to the security incident as well.  

Read more

VSCode Marketplace can be abused to host malicious extensions

January 6, 2023

Aqua researchers have found it surprisingly easy to upload malicious Visual Studio Code extensions to the VSCode Marketplace, and discovered signs of threat actors already exploiting this weakness. 

Read more

PyTorch Machine Learning Framework Compromised with Malicious Dependency

January 2, 2023

Aqua Security, in its own analysis of the bogus torchtriton module, said the package is almost 100% identical to its legitimate counterpart except for one crucial change that enables it to run a malicious binary called triton for harvesting the sensitive data.

Read more

Software Supply Chain Threats Will Grow and Evolve in 2023

December 23, 2022

Eilon Elhadad, Aqua’s Senior Director of Supply Chain, shared his predictions on software supply chain security.  

Read more

With cloud native-attacks on the rise, it’s vital that developers are able to automate security scans

December 14, 2022

Itay Shakury, VP Open Source, conducted a Q&A sharing details on Trivy, the all-in-one, open source security scanner that helps teams incorporate security into their workflow.  

Read more