Coverage

My work at Wiz has been covered in venues such as:

• TechCrunch: OpenAI says AI browsers may always be vulnerable to prompt injection attacks
• BleepingComputer: Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets
• The Register: Devs are writing VS Code extensions that blab secrets by the bucketload
• The Hacker News: Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
• Dark Reading: Supply Chain Attacks Targeting GitHub Actions Increased in 2025
• The Record: CISA urges orgs to review software after ‘Shai-Hulud’ supply chain compromise
• SecureWorld: Two-Thirds of Leading AI Companies Leaking Secrets on GitHub, Report Finds
• SecurityWeek: Many Forbes AI 50 Companies Leak Secrets on GitHub
• IB Times: Shai-Hulud 2.0 Credential Leak Hits Zapier, PostHog and Postman — User Data At Risk
• TechZine: Shai-Hulud 2.0’s impact appears vast as NPM ecosystem struggles to cope
• DevOps.com: Massive VS Code Secrets Leak Puts Focus on Extensions, AI: Wiz

I’m grateful to frequently have my work shared by prominent security newsletters, including tldrsec.com, TLDR Information Security, Risky Business, CloudSecList, etc.