Fast Feed

❯

❯

unit42

Nov 22, 20252 min read

Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to 42 Days of Compromise
Nov 19, 12:00 AM
Digital Doppelgangers: Anatomy of Evolving Impersonation Campaigns Distributing Gh0st RAT
Nov 14, 11:00 PM
You Thought It Was Over? Authentication Coercion Keeps Evolving
Nov 11, 04:30 AM
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
Nov 07, 11:00 AM
Know Ourselves Before Knowing Our Enemies: Threat Intelligence at the Expense of Asset Management
Nov 05, 12:00 AM
When AI Agents Go Rogue: Agent Session Smuggling Attack in A2A Systems
Oct 31, 10:00 AM
Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack
Oct 29, 10:00 AM
Bots, Bread and the Battle for the Web
Oct 28, 11:00 PM
Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild
Oct 27, 07:45 PM
Cloud Discovery With AzureHound
Oct 24, 10:00 PM
The Smishing Deluge: China-Based Campaign Flooding Global Text Messages
Oct 23, 10:00 AM
Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign
Oct 22, 10:00 AM
The Golden Scale: Notable Threat Updates and Looking Ahead
Oct 20, 11:00 PM
Threat Brief: Nation-State Actor Steals F5 Source Code and Undisclosed Vulnerabilities
Oct 16, 09:30 PM
PhantomVAI Loader Delivers a Range of Infostealers
Oct 15, 10:00 AM
Anatomy of an Attack: The “BlackSuit Blitz” at a Global Equipment Manufacturer
Oct 14, 11:00 PM
The Golden Scale: Bling Libra and the Evolving Extortion Economy
Oct 10, 09:00 PM
When AI Remembers Too Much – Persistent Behaviors in Agents’ Memory
Oct 09, 10:00 PM
The ClickFix Factory: First Exposure of IUAM ClickFix Generator
Oct 08, 10:00 AM
Responding to Cloud Incidents A Step-by-Step Guide from the 2025 Unit 42 Global Incident Response Report
Oct 07, 11:00 PM

70 items under this folder.

Nov 19, 2025
Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to 42 Days of Compromise
Nov 14, 2025
Digital Doppelgangers: Anatomy of Evolving Impersonation Campaigns Distributing Gh0st RAT
Nov 11, 2025
You Thought It Was Over? Authentication Coercion Keeps Evolving
Nov 07, 2025
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
Nov 05, 2025
Know Ourselves Before Knowing Our Enemies: Threat Intelligence at the Expense of Asset Management
Oct 31, 2025
When AI Agents Go Rogue: Agent Session Smuggling Attack in A2A Systems
Oct 29, 2025
Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack
Oct 28, 2025
Bots, Bread and the Battle for the Web
Oct 27, 2025
Microsoft WSUS Remote Code Execution (CVE-2025-59287) Actively Exploited in the Wild
Oct 24, 2025
Cloud Discovery With AzureHound
Oct 23, 2025
The Smishing Deluge: China-Based Campaign Flooding Global Text Messages
Oct 22, 2025
Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign
Oct 20, 2025
The Golden Scale: Notable Threat Updates and Looking Ahead
Oct 16, 2025
Threat Brief: Nation-State Actor Steals F5 Source Code and Undisclosed Vulnerabilities
Oct 15, 2025
PhantomVAI Loader Delivers a Range of Infostealers
Oct 14, 2025
Anatomy of an Attack: The BlackSuit Blitz at a Global Equipment Manufacturer
Oct 10, 2025
The Golden Scale: Bling Libra and the Evolving Extortion Economy
Oct 09, 2025
When AI Remembers Too Much – Persistent Behaviors in Agents’ Memory
Oct 08, 2025
The ClickFix Factory: First Exposure of IUAM ClickFix Generator
Oct 07, 2025
Responding to Cloud Incidents A Step-by-Step Guide from the 2025 Unit 42 Global Incident Response Report
Oct 01, 2025
TOTOLINK X6000R: Three New Vulnerabilities Uncovered
Sep 30, 2025
Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite
Sep 26, 2025
Threat Insights: Active Exploitation of Cisco ASA Zero Days
Sep 24, 2025
Bookworm to Stately Taurus Using the Unit 42 Attribution Framework
Sep 22, 2025
Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign
Sep 17, 2025
Shai-Hulud Worm Compromises npm Ecosystem in Supply Chain Attack
Sep 16, 2025
Myth Busting: Why Innocent Clicks Don't Exist in Cybersecurity
Sep 15, 2025
The Risks of Code Assistant LLMs: Harmful Content, Misuse and Deception
Sep 12, 2025
Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain
Sep 10, 2025
AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks
Sep 09, 2025
Data Is the New Diamond: Latest Moves by Hackers and Defenders
Sep 03, 2025
Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust
Sep 02, 2025
Why Threat Intelligence: A Conversation With Unit 42 Interns
Sep 02, 2025
Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances
Aug 26, 2025
Data Is the New Diamond: Heists in the Digital Age
Aug 25, 2025
Insights: Telling You What We Really Think
Aug 21, 2025
Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth
Aug 20, 2025
Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety
Aug 19, 2025
Fashionable Phishing Bait: GenAI on the Hook
Aug 14, 2025
A Mega Malware Analysis Tutorial Featuring Donut-Generated Shellcode
Aug 12, 2025
Muddled Libra’s Strike Teams: Amalgamated Evil
Aug 11, 2025
Keys to the Kingdom: Erlang/OTP SSH Vulnerability Analysis and Exploits Observed in the Wild
Aug 07, 2025
New Infection Chain and ConfuserEx-Based Obfuscation for DarkCloud Stealer
Aug 06, 2025
Muddled Libra: Why Are We So Obsessed With You?
Aug 06, 2025
When Good Accounts Go Bad: Exploiting Delegated Managed Service Accounts in Active Directory
Aug 05, 2025
Project AK47: Uncovering a Link to the SharePoint Vulnerability Attacks
Aug 01, 2025
Threat Actor Groups Tracked by Palo Alto Networks Unit 42 (Updated Aug. 1, 2025)
Jul 31, 2025
Introducing Unit 42’s Attribution Framework
Jul 30, 2025
2025 Unit 42 Global Incident Response Report: Social Engineering Edition
Jul 29, 2025
The Covert Operator's Playbook: Infiltration of Global Telecom Networks
Jul 25, 2025
The Ηоmоgraph Illusion: Not Everything Is As It Seems
Jul 22, 2025
Cloud Logging for Security and Beyond
Jul 21, 2025
Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief
Jul 14, 2025
Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication
Jul 11, 2025
Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
Jul 10, 2025
Fix the Click: Preventing the ClickFix Attack Vector
Jul 08, 2025
GoldMelody’s Hidden Chords: Initial Access Broker In-Memory IIS Modules Revealed
Jul 03, 2025
Apache Under the Lens: Tomcat’s Partial PUT and Camel’s Header Hijack
Jul 02, 2025
Windows Shortcut (LNK) Malware Strategies
Jun 25, 2025
Threat Brief: Escalation of Cyber Risk Related to Iran
Jun 24, 2025
Cybercriminals Abuse Open-Source Tools To Target Africa’s Financial Sector
Jun 20, 2025
Resurgence of the Prometei Botnet
Jun 17, 2025
Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation
Jun 13, 2025
Serverless Tokens in the Cloud: Exploitation and Detections
Jun 12, 2025
JSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique
Jun 10, 2025
The Evolution of Linux Binaries in Targeted Cloud Operations
Jun 09, 2025
Roles Here? Roles There? Roles Anywhere: Exploring the Security of AWS IAM Roles Anywhere
Jun 06, 2025
Blitz Malware: A Tale of Game Cheats and Code Repositories
Jun 03, 2025
Lost in Resolution: Azure OpenAI's DNS Resolution Issue
Jun 02, 2025
How Good Are the LLM Guardrails on the Market? A Comparative Study on the Effectiveness of LLM Content Filtering Across Major GenAI Platforms

Created By Quantlight © 2025

GitHub