Latest Blogs

POPULAR BLOGS

Popular Topics

SOC
Code to Cloud
Runtime Protection
Real-time cloud security
Cortex Cloud
Agentic AI

Unit 42 Threat Research

company article
Cloud Cybersecurity Research DNS Threat Research

DNS OverDoS: Are Private Endpoints Too Private?

We've identified an aspect of Azure’s Private Endpoint architecture that could expose Azure resources to denial of service (DoS) attacks....
January 20, 2026
By  Golan Myers
company article
Anatomy of an Attack Insights

Anatomy of an Attack: The Payroll Pirates and the Power of Social...

Unit 42 breaks down a payroll attack fueled by social engineering. Learn how the breach happened and how to protect your organization from similar threats....
January 16, 2026
By  Randy Stone
company article
High Profile Threats Vulnerabilities

Threat Brief: MongoDB Vulnerability (CVE-2025-14847)

Database platform MongoDB disclosed CVE-2025-14847, called MongoBleed. This is an unauthenticated memory disclosure vulnerability with a CVSS score of 8.7....
January 13, 2026
By  Unit 42
company article
Threat Research Vulnerabilities

Remote Code Execution With Modern AI/ML Formats and Libraries

We identified remote code execution vulnerabilities in open-source AI/ML libraries published by Apple, Salesforce and NVIDIA. ...
January 13, 2026
By  Curtis Carmony
company article
General Insights

Securing Vibe Coding Tools: Scaling Productivity Without Scaling ...

AI-generated code looks flawless until it isn't. Unit 42 breaks down how to expose these invisible flaws before they turn into your next breach....
January 8, 2026
By  Kate Middagh , Michael Spisak
company article
Malware Threat Research

VVS Discord Stealer Using Pyarmor for Obfuscation and Detection E...

VVS stealer (or VVS $tealer) is a Python-based infostealer targeting Discord users. It employs Pyarmor for obfuscation, contributing to its efficacy....
January 2, 2026
By  Pranay Kumar Chhaparwal , Lee Wei Yeong
company article
Insights Opinions

Who Does Cybersecurity Need? You!

Cybersecurity thrives on diverse skills, not just coding and engineering. From writers to designers, there’s a place for you in this field....
December 23, 2025
By  Samantha Stallings
company article
Ransomware Threat Actor Groups Threat Research

From Linear to Complex: An Upgrade in RansomHouse Encryption

Operators behind RansomHouse, a ransomware-as-a-service (RaaS) group, have upgraded their encryption methods from single-phase to complex and layered....
December 17, 2025
By  Anmol Maurya , Jingwen Shi
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts