Unit 42 Threat Research

company article

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-...

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include ...
November 22, 2024
By  Unit 42
company article

Threat Brief: Escalation of Cyber Risk Related to Iran (Updated J...

Unit 42 details recent Iranian cyberattack activity, sharing direct observations. Tactical and strategic recommendations are provided for defenders....
June 25, 2025
By  Unit 42
company article

Cybercriminals Abuse Open-Source Tools To Target Africa’s Financi...

Cybercriminals are targeting financial organizations across Africa, potentially acting as initial access brokers selling data on the dark web....
June 24, 2025
company article

Resurgence of the Prometei Botnet

We identified a resurgence of the Prometei botnet's Linux variant. Our analysis tracks the activity of this cryptominer and its new features....
June 20, 2025
company article

Exploring a New KimJongRAT Stealer Variant and Its PowerShell Imp...

We analyze two new KimJongRAT stealer variants, combining new research with existing knowledge. One uses a Portable Executable (PE) file and the other PowerShel...
June 17, 2025
company article

Serverless Tokens in the Cloud: Exploitation and Detections

Understand the mechanics of serverless authentication: three simulated attacks across major CSPs offer effective approaches for application developers....
June 13, 2025
company article

JSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Ob...

In an extensive campaign affecting 270k webpages, compromised websites were injected with the esoteric JavaScript programming style JSF*ck to redirect users to ...
company article

The Evolution of Linux Binaries in Targeted Cloud Operations

Using data from machine learning tools, we predict a surge in cloud attacks leveraging reworked Linux Executable and Linkage Format (ELF) files....
June 10, 2025

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.