
Palo Alto Networks Unit 42

ID: c8d50a5a-c805-599d-99ad-5b5f5e92b089

STIX ID: identity--c8d50a5a-c805-599d-99ad-5b5f5e92b089

Feed Type: rss

Earliest post: 2024-03-15

Latest post: 2026-05-28

Deep-dive threat research, malware analysis, and intelligence from Palo Alto Networks’ elite Unit 42 team.

| Title | Date Published | Describes Incident | Author | Visible |
|---|---|---|---|---|
| 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface | 2026-05-28 | True | Justin Moore | True |
| Out of the Crypt: The Evolving Cyber Extortion Economy | 2026-05-27 | True | Matt Brady and Justin Moore | True |
| Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns | 2026-05-22 | True | Unit 42 | True |
| Paved With Intent: ROADtools and Nation-State Tactics in the Cloud | 2026-05-22 | True | Bill Batchelor and Eyal Rafian | True |
| Tracking TamperedChef Clusters via Certificate and Code Reuse | 2026-05-20 | True | Joseph Ganter | True |
| Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools | 2026-05-11 | True | Stav Setty, Tom Fakterman and Shachar Roitman | True |
| Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution | 2026-05-07 | True | Justin Moore and Unit 42 | True |
| Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years | 2026-05-05 | True | Justin Moore | True |
| Essential Data Sources for Detection Beyond the Endpoint | 2026-05-01 | True | Corey Berman and Matt Gayford | True |
| That AI Extension Helping You Write Emails? It’s Reading Them First | 2026-04-30 | True | Shresta Bellary Seetharam, Nabeel Mohamed, Billy Melicher, Oleksii Starov, Qinge Xie and Fang Liu | True |
| The npm Threat Landscape: Attack Surface and Mitigations | 2026-04-24 | True | Unit 42 | True |
| TGR-STA-1030: New Activity in Central and South America | 2026-04-24 | True | Unit 42 | True |
| Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System | 2026-04-23 | True | Yahav Festinger and Chen Doytshman | True |
| When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks | 2026-04-22 | True | Emmanuel Zhou, Adam Robbie, Rick Wyble, Zhutian Liu, Zhiyun Qian, Zhaowei Tan, Srikanth V. Krishnamurthy and Mathy Vanhoef | True |
| Fracturing Software Security With Frontier AI Models | 2026-04-20 | True | Andy Piazza | True |
| A Deep Dive Into Attempted Exploitation of CVE-2023-33538 | 2026-04-16 | True | Asher Davila, Malav Vyas and Chris Navarrete | True |
| Cracks in the Bedrock: Agent God Mode | 2026-04-08 | True | Ori Hadad | True |
| Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox | 2026-04-07 | True | Ori Hadad | True |
| Understanding Current Threats to Kubernetes Environments | 2026-04-06 | True | Eyal Rafian and Bill Batchelor | True |
| When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications | 2026-04-03 | True | Jay Chen and Royce Lu | True |
| Threat Brief: Widespread Impact of the Axios Supply Chain Attack | 2026-04-01 | True | Unit 42 | True |
| Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Chain Attack on Security Infrastructure | 2026-03-31 | True | Unit 42 | True |
| Double Agents: Exposing Security Blind Spots in GCP Vertex AI | 2026-03-31 | True | Ofir Shaty | True |
| Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government | 2026-03-26 | True | Doel Santos and Hiroaki Hara | True |
| Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team | 2026-03-24 | True | Justin Moore | True |
| Google Authenticator: The Hidden Mechanisms of Passwordless Authentication | 2026-03-23 | True | Arie Olshtein | True |
| Who’s Really Shopping? Retail Fraud in the Age of Agentic AI | 2026-03-20 | True | Matt Brady and Christa McHugh | True |
| Analyzing the Current State of AI Use in Malware | 2026-03-19 | True | Unit 42 | True |
| Open, Closed and Broken: Prompt Fuzzing Finds LLMs Still Fragile Across Open and Closed Models | 2026-03-17 | True | Yu Fu, May Wang, Royce Lu and Shengming Xu | True |
| Boggy Serpens Threat Assessment | 2026-03-16 | True | Unit 42 | True |
| Iranian Cyber Threat Evolution: From MBR Wipers to Identity Weaponization | 2026-03-16 | True | Justin Moore | True |
| Insights: Increased Risk of Wiper Attacks | 2026-03-12 | True | Andy Piazza, Eric Goldstrom and Steve Elovitz | True |
| Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia | 2026-03-12 | True | Lior Rochberger and Yoav Zemah | True |
| Auditing the Gatekeepers: Fuzzing "AI Judges" to Bypass Security Controls | 2026-03-10 | True | Tony Li, Hongliang Liu and Yuhao Wu | True |
| An Investigation Into Years of Undetected Operations Targeting High-Value Sectors | 2026-03-06 | True | Tom Fakterman | True |
| Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild | 2026-03-03 | True | Beliz Kaleli, Shehroze Farooqi, Oleksii Starov and Nabeel Mohamed | True |
| Threat Brief: March 2026 Escalation of Cyber Risk Related to Iran | 2026-03-03 | True | Unit 42 | True |
| Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel | 2026-03-02 | True | Gal Weizman | True |
| VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731) | 2026-02-19 | True | Justin Moore | True |
| Critical Vulnerabilities in Ivanti EPMM Exploited | 2026-02-17 | True | Justin Moore | True |
| Phishing on the Edge of the Web and Mobile Using QR Codes | 2026-02-13 | True | Diva-Oriane Marty, Shehroze Farooqi and Alex Starov | True |
| Nation-State Actors Exploit Notepad++ Supply Chain | 2026-02-11 | True | Unit 42 | True |
| A Peek Into Muddled Libra’s Operational Playbook | 2026-02-10 | True | Justin De Luna, Noah Rincon and Cuong Dinh | True |
| Novel Technique to Detect Cloud Threat Actor Operations | 2026-02-06 | True | Nathaniel Quist | True |
| The Shadow Campaigns: Uncovering Global Espionage | 2026-02-05 | True | Unit 42 | True |
| Privileged File System Vulnerability Present in a SCADA System | 2026-01-30 | True | Asher Davila and Malav Vyas | True |
| Understanding the Russian Cyber Threat to the 2026 Winter Olympics | 2026-01-29 | True | Justin Moore | True |
| The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time | 2026-01-22 | True | Shehroze Farooqi, Alex Starov, Diva-Oriane Marty and Billy Melicher | True |
| DNS OverDoS: Are Private Endpoints Too Private? | 2026-01-20 | True | Unit 42 | True |
| Anatomy of an Attack: The Payroll Pirates and the Power of Social Engineering | 2026-01-17 | True | Randy Stone | True |

Showing posts 1–50 of 201.