#ZenithLive is almost here!
Find us at booth S6 for cloud security convos and yes, of course, Orca swag.
Come hang with the Orca Pod! We can't wait to see you! 👋
Join us for our Happy Hour on June 9th too 🍹 Grab your spot here → https://t.co/iew9q1IiOv
🚨 Critical WordPress flaw: 150,000 sites vulnerable to admin takeover
Attackers exploit a broken password reset in the Kirki plugin to hijack accounts — no credentials needed.
On Kirki 6.0.0–6.0.6? Patch to 6.0.7 now.
Full breakdown: https://t.co/09hJKflmnv
Orca Sensor is now available for FedRAMP-authorized environments. 🎉
Runtime visibility, behavioral telemetry, real-time workload monitoring. The proof of security that FedRAMP and NIST 800-53 actually require.
Here's how it works: https://t.co/SyPH33unwm
🚨 Red Hat npm packages were backdoored with a credential-stealing worm that runs on npm install, silently sweeping AWS, GCP, Azure keys, SSH keys, Kubernetes configs, and more.
Affected? Rotate your credentials now.
Full breakdown + package list: https://t.co/6CKGlDNAZZ
Heading to #ZenithLive? Come hang with us and @GuidePointSec at our Happy Hour June 9th.
Talk Zero Trust, SASE, and cloud security over drinks. Spots are limited, grab yours: https://t.co/iew9q1IiOv
Can't make it? Find us at booth S6. Good convos and Orca swag await.
🚨 Critical vulnerability alert: CVE-2026-27771
Your private container images might not be so private.
CVE-2026-27771 lets anyone pull private Gitea images with zero credentials. Source code, API keys, database passwords... all exposed.
How to fix: https://t.co/jcBQzD6AXz
Orca Security is now distributed through TD SYNNEX, and we're kicking things off with a live webinar tomorrow. Come see the platform, the opportunity, and how to get involved.
📅 Wednesday, May 27 | 2:30 PM ET
🔗 Register here: https://t.co/6VaO5NxRgF
🚨 Critical Drupal SQL Injection Exposes Sites to RCE
CVE-2026-9082 affects Drupal core 8.9.0 through 11.3.9. No auth required, and the Drupal Security Team warns exploits could emerge within hours. Patch now.
How Orca can help: https://t.co/XrXW4vsbPA
⚠️ "PoolSlip" NGINX Exploit Revives Unpatched Remote Code Execution Risk
RCE is still achievable, a PoC is already public, and no vendor patch exists yet. If NGINX is in your stack, review your configs now.
How Orca can help: https://t.co/4dYasdKnkP
🚨 Critical Pre-Auth RCE in ChromaDB Threatens AI Infrastructure
CVE-2026-45829 (CVSS 10.0) allows unauthenticated attackers to execute arbitrary code on ChromaDB servers. 73% of exposed instances are vulnerable.
Full breakdown and how Orca can help: https://t.co/SAb16KZvD2
🚨 Critical Alert
CVE-2026-46354 lets attackers bypass Coder's signature verification and walk away with your SSH keys & OAuth tokens. Zero auth needed.
We broke it down, along with what to do about it 👇
https://t.co/WJNXS6SNhL
AI-curious vs. AI-first. There's a big difference, and we're talking about it in Boston.
Join us for an invite-only gathering of execs and AI practitioners focused on turning AI adoption into real, measurable business outcomes. Part of #BOSTechWeek.
👉 https://t.co/UZzT2fFE88
🚨 Critical Alert for JavaScript and Node.js Developers
323 npm packages have been backdoored.
16 million weekly downloads. Credentials stolen automatically on npm install.
If your pipeline ran on May 19, assume exposure.
🔗 https://t.co/PdYLONreM3
🔓 Vector databases are leaking sensitive data, no auth required.
Our team found exposed instances containing:
• PII and home addresses
• Medical records and biometric data
• Plaintext cloud credentials
New research + 6 steps to fix it 👇
https://t.co/g3qcQ0jnxl
77% of organizations hold critical container vulnerabilities for 90+ days.
The problem isn't visibility. It's prioritization.
There's a lot more where that came from. Full breakdown from our 2026 State of AppSec Report here: https://t.co/RH7oLLGmCn
Attending #GartnerSEC this June? So are we. 👋
Swing by the Orca booth in National Harbor, we’d love to chat. And while you’re there, try your hand at our Key to Win game. (Trust us, you’ll want to.)
What topics are you most looking forward to? ⬇️
https://t.co/mAGv2QnSa8
🚨 Critical NGINX flaw alert
CVE-2026-42945 lets unauthenticated attackers crash servers and potentially execute malicious code. No login needed. A public exploit is already on GitHub.
If you're running NGINX, patch now. We have the full breakdown.
🔗 https://t.co/F6QlcTHPmY
🚀 Introducing Orca's AI Skills Hub
Connect Claude, Codex, or Cursor to Orca's MCP Server and get verdict-first cloud security analysis in plain English.
11 out-of-the-box skills. Fully open-source.
🔗 https://t.co/GvfDgrxyYu
🚨 A supply chain worm just hit TanStack, Mistral AI, UiPath, and 160+ other npm/PyPI packages.
It steals credentials, self-propagates, and can wipe your home directory.
We break down what happened and how to respond:
https://t.co/Sovbx5uGxz