Securing the Full Application Lifecycle with Upwind and OX Security

Upwind-OX

In today’s fast-paced development environments, the speed of software delivery has outpaced traditional security workflows. APIs are often published before they’re reviewed, cloud resources are deployed via automation, and new vulnerabilities emerge in runtime that never existed in dev or staging. It’s estimated that over 50% of data breaches by 2025 will originate from unprotected […]

npm Supply Chain Attack: Massive Compromise of debug, chalk, and 16 Other Packages

GHSA-cxm3-wv7p-598c Nx Build System Supply-Chain Compromise-3

On September 8, 2025, one of the largest npm supply chain incidents in recent history unfolded. Popular libraries like debug and chalk along with 16 other utilities were hijacked and pushed to npm with malicious code targeting cryptocurrency wallets and blockchain transactions. These packages collectively have billions of weekly downloads, making this compromise both widespread […]

CVE-2025-55190: Argo CD Project API Token Exposes Repository Credentials

GHSA-cxm3-wv7p-598c Nx Build System Supply-Chain Compromise-2

A critical vulnerability was disclosed in Argo CD, a popular GitOps continuous delivery tool. This flaw allows project-level API tokens to retrieve sensitive repository credentials such as usernames and passwords, even when those tokens do not have explicit permissions to access secrets. Overview Argo CD uses project-level tokens to automate deployment workflows and manage applications.Due […]

GHSA-cxm3-wv7p-598c: Nx Build System Supply-Chain Compromise

GHSA-cxm3-wv7p-598c_ Nx Build System Supply-Chain Compromise

On August 26, 2025, the popular Nx build system package was compromised in a sophisticated supply-chain attack. Malicious versions of Nx and related packages were published to npm, embedding malware that scanned developer environments for sensitive credentials and exfiltrated them. This attack stands out not only because of its impact with thousands of developers who […]

Simplify Custom Posture Rule Creation with Upwind’s LLM-based Rego Support

rego LLM-v2

Upwind now supports a significant new AI-powered capability in the Upwind platform, allowing users to create custom posture rules with LLM-based Rego, streamlining workflows and accelerating reduction of their cloud attack surface. Upwind’s runtime-backed posture engine has always surfaced high-impact misconfigurations that pose true risks to cloud environments, often missed by traditional CSPMs. With this […]

2025 Gartner® Market Guide for Cloud-Native Application Protection Platforms: 5 Takeaways That We Believe Matter

Gartner CNAPP-d

Gartner has released the 2025 CNAPP Market Guide. According to Gartner: “​​while numerous providers exist, only a handful offer a comprehensive platform with the required breadth and depth of functionality, particularly emphasizing seamless integration through the development and operations processes.” We believe that Upwind’s inclusion in this group of vendors is a significant milestone. To […]

Bringing the Right Technology to Stand on the Shoulders of Giants

Upwind acquires Nyx Security

From an idea in stealth to acquisition — the journey of NYX and the future with Upwind Fourteen months ago, my partner Gili Yankovitch and I started working on a bold idea: what if we could help security & appsec teams with better prioritization of their risks and detect not just what code should run, […]

Upwind + Nyx: Advancing Runtime Security into the Application Layer

Upwind-Nyx-full-1600x960-Feed

Cloud-native infrastructure has become more dynamic and distributed, but application behavior at runtime remains one of the most overlooked aspects of cloud security. Attackers increasingly exploit logic flaws and runtime gaps that static analysis can’t catch. Following our acquisition of Nyx in April 2025, we’ve now fully integrated its technology into the Upwind platform. This […]

How Upwind Uses eBPF to Bring Real-Time Security to Cloud-Native Environments

eBPF_Blog_Hero

Modern cloud-native environments offer unprecedented speed, scalability, and developer agility – but they also introduce complexity that traditional security tools struggle to manage. Containers spin up and down in seconds, microservices multiply rapidly, and infrastructure changes dynamically. Static logs and agent-based security solutions simply can’t keep up. That’s where eBPF comes in –  and why […]

Understanding the NVIDIAScape (CVE‑2025‑23266) Container Toolkit Vulnerability – and Why Your AI Workloads Are Most Likely Safe

B-2

Overview: CVE-2025-23266 is a container‑escape vulnerability (CVSS 9.0) affecting the NVIDIA Container Toolkit and GPU Operator. While this vulnerability requires multiple specific conditions, it has the potential to allow a malicious container image to escape its sandbox and execute code as root on the host. NVIDIA has released patched versions of both components. Upgrading to Toolkit v1.17.8  and  GPU Operator 25.3.1 […]

Footer-Logo-07_03_2025

Stay In Touch

This field is for validation purposes and should be left unchanged.

Product

CNAPP
CSPM
CWPP
Container Security
Identity Security
Vulnerability Management
DSPM
CADR
API Security
GenAI Security

General

About
Contact
Careers
We are hiring!
Events
Case Studies
Get A Demo

Social

X
LinkedIn
Instagram

Resources

UpwindTV
Feed
Glossary
Integrations
Newsroom

Documentation

Privacy Policy
Terms of Use

© 2025 Upwind Security