Fast Feed

❯

❯

unit42

Aug 23, 20252 min read

Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth
Aug 21, 10:00 AM
Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety
Aug 20, 11:00 PM
Fashionable Phishing Bait: GenAI on the Hook
Aug 19, 10:00 AM
A Mega Malware Analysis Tutorial Featuring Donut-Generated Shellcode
Aug 14, 10:00 AM
Muddled Libra’s Strike Teams: Amalgamated Evil
Aug 12, 09:00 PM
Keys to the Kingdom: Erlang/OTP SSH Vulnerability Analysis and Exploits Observed in the Wild
Aug 11, 10:00 AM
New Infection Chain and ConfuserEx-Based Obfuscation for DarkCloud Stealer
Aug 07, 10:00 AM
Muddled Libra: Why Are We So Obsessed With You?
Aug 06, 09:00 PM
When Good Accounts Go Bad: Exploiting Delegated Managed Service Accounts in Active Directory
Aug 06, 10:00 AM
Project AK47: Uncovering a Link to the SharePoint Vulnerability Attacks
Aug 05, 11:00 PM
Threat Actor Groups Tracked by Palo Alto Networks Unit 42 (Updated Aug. 1, 2025)
Aug 01, 01:00 PM
Introducing Unit 42’s Attribution Framework
Jul 31, 10:00 AM
2025 Unit 42 Global Incident Response Report: Social Engineering Edition
Jul 30, 10:00 AM
The Covert Operator’s Playbook: Infiltration of Global Telecom Networks
Jul 29, 09:00 PM
The Ηоmоgraph Illusion: Not Everything Is As It Seems
Jul 25, 09:00 PM
Cloud Logging for Security and Beyond
Jul 22, 09:00 PM
Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief
Jul 21, 10:48 PM
Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication
Jul 14, 10:00 AM
Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
Jul 11, 10:00 AM
Fix the Click: Preventing the ClickFix Attack Vector
Jul 10, 10:00 AM

70 items under this folder.

Aug 21, 2025
Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth
Aug 20, 2025
Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety
Aug 19, 2025
Fashionable Phishing Bait: GenAI on the Hook
Aug 14, 2025
A Mega Malware Analysis Tutorial Featuring Donut-Generated Shellcode
Aug 12, 2025
Muddled Libra’s Strike Teams: Amalgamated Evil
Aug 11, 2025
Keys to the Kingdom: Erlang/OTP SSH Vulnerability Analysis and Exploits Observed in the Wild
Aug 07, 2025
New Infection Chain and ConfuserEx-Based Obfuscation for DarkCloud Stealer
Aug 06, 2025
Muddled Libra: Why Are We So Obsessed With You?
Aug 06, 2025
When Good Accounts Go Bad: Exploiting Delegated Managed Service Accounts in Active Directory
Aug 05, 2025
Project AK47: Uncovering a Link to the SharePoint Vulnerability Attacks
Aug 01, 2025
Threat Actor Groups Tracked by Palo Alto Networks Unit 42 (Updated Aug. 1, 2025)
Jul 31, 2025
Introducing Unit 42’s Attribution Framework
Jul 30, 2025
2025 Unit 42 Global Incident Response Report: Social Engineering Edition
Jul 29, 2025
The Covert Operator's Playbook: Infiltration of Global Telecom Networks
Jul 25, 2025
The Ηоmоgraph Illusion: Not Everything Is As It Seems
Jul 22, 2025
Cloud Logging for Security and Beyond
Jul 21, 2025
Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief
Jul 14, 2025
Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication
Jul 11, 2025
Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
Jul 10, 2025
Fix the Click: Preventing the ClickFix Attack Vector
Jul 08, 2025
GoldMelody’s Hidden Chords: Initial Access Broker In-Memory IIS Modules Revealed
Jul 03, 2025
Apache Under the Lens: Tomcat’s Partial PUT and Camel’s Header Hijack
Jul 02, 2025
Windows Shortcut (LNK) Malware Strategies
Jun 25, 2025
Threat Brief: Escalation of Cyber Risk Related to Iran
Jun 24, 2025
Cybercriminals Abuse Open-Source Tools To Target Africa’s Financial Sector
Jun 20, 2025
Resurgence of the Prometei Botnet
Jun 17, 2025
Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation
Jun 13, 2025
Serverless Tokens in the Cloud: Exploitation and Detections
Jun 12, 2025
JSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique
Jun 10, 2025
The Evolution of Linux Binaries in Targeted Cloud Operations
Jun 09, 2025
Roles Here? Roles There? Roles Anywhere: Exploring the Security of AWS IAM Roles Anywhere
Jun 06, 2025
Blitz Malware: A Tale of Game Cheats and Code Repositories
Jun 03, 2025
Lost in Resolution: Azure OpenAI's DNS Resolution Issue
Jun 02, 2025
How Good Are the LLM Guardrails on the Market? A Comparative Study on the Effectiveness of LLM Content Filtering Across Major GenAI Platforms
May 16, 2025
Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
May 14, 2025
DarkCloud Stealer: Comprehensive Analysis of a New Attack Chain That Employs AutoIt
May 09, 2025
Threat Brief: CVE-2025-31324
May 09, 2025
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
May 07, 2025
Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation
May 06, 2025
Lampion Is Back With ClickFix Lures
May 01, 2025
AI Agents Are Here. So Are the Threats.
Apr 29, 2025
Gremlin Stealer: New Stealer on Sale in Underground Forum
Apr 23, 2025
Extortion and Ransomware Trends January-March 2025
Apr 21, 2025
False Face: Unit 42 Demonstrates the Alarming Ease of Synthetic Identity Creation
Apr 16, 2025
Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis
Apr 14, 2025
Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
Apr 09, 2025
How Prompt Attacks Exploit GenAI and How to Fight Back
Apr 04, 2025
OH-MY-DC: OIDC Misconfigurations in CI/CD
Apr 01, 2025
Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon
Mar 27, 2025
Cloud Threats on the Rise: Alert Trends Show Intensified Attacker Focus on IAM, Exfiltration
Mar 18, 2025
Threat Assessment: GitHub Actions Supply Chain Attack: The Compromise of tj-actions/changed-files
Mar 14, 2025
Off the Beaten Path: Recent Unusual Malware
Mar 13, 2025
Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims
Mar 07, 2025
Multiple Vulnerabilities Discovered in a SCADA System
Mar 06, 2025
The Next Level: Typo DGAs Used in Malicious Redirection Chains
Mar 05, 2025
Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems
Mar 03, 2025
Uncovering .NET Malware Obfuscated by Encryption and Virtualization
Feb 28, 2025
JavaGhost’s Persistent Phishing Attacks From the Cloud
Feb 27, 2025
Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations
Feb 26, 2025
RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector
Feb 24, 2025
Auto-Color: An Emerging and Evasive Linux Backdoor
Feb 21, 2025
Investigating LLM Jailbreaking of Popular Generative AI Web Products
Feb 20, 2025
Stately Taurus Activity in Southeast Asia Links to Bookworm Malware
Feb 19, 2025
Multiple Vulnerabilities Discovered in NVIDIA CUDA Toolkit
Dec 16, 2024
Dirty DAG: New Vulnerabilities in Azure Data Factory’s Apache Airflow Integration
Dec 13, 2024
Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation
Dec 06, 2024
Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams
Dec 02, 2024
Threat Assessment: Howling Scorpius (Akira Ransomware)
Nov 22, 2024
Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)
Nov 22, 2024
Lateral Movement on macOS: Unique and Popular Techniques and In-the-Wild Examples

Created By Quantlight © 2025

GitHub