Latest Blogs

POPULAR BLOGS

Popular Topics

SOC
AI
Code to Cloud
Runtime Protection
Real-time cloud security
Cortex Cloud

Unit 42 Threat Research

company article
High Profile Threats Vulnerabilities

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-...

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include ...
November 22, 2024
By  Unit 42
company article
Cybercrime Hacktivism High Profile Threats Malware Threat Actor Groups Threat Research

Threat Brief: Escalation of Cyber Risk Related to Iran (Updated J...

Unit 42 details recent Iranian cyberattack activity, sharing direct observations. Tactical and strategic recommendations are provided for defenders....
June 25, 2025
By  Unit 42
company article
Cybercrime Malware Threat Research

Cybercriminals Abuse Open-Source Tools To Target Africa’s Financi...

Cybercriminals are targeting financial organizations across Africa, potentially acting as initial access brokers selling data on the dark web....
June 24, 2025
By  Tom Fakterman , Guy Levi
company article
Cybercrime Malware Threat Research

Resurgence of the Prometei Botnet

We identified a resurgence of the Prometei botnet's Linux variant. Our analysis tracks the activity of this cryptominer and its new features....
June 20, 2025
By  Lee Wei Yeong , Pranay Kumar Chhaparwal
company article
Cybercrime Malware Threat Research

Exploring a New KimJongRAT Stealer Variant and Its PowerShell Imp...

We analyze two new KimJongRAT stealer variants, combining new research with existing knowledge. One uses a Portable Executable (PE) file and the other PowerShel...
June 17, 2025
By  Dominik Reichel
company article
Cloud Cybersecurity Research Threat Research

Serverless Tokens in the Cloud: Exploitation and Detections

Understand the mechanics of serverless authentication: three simulated attacks across major CSPs offer effective approaches for application developers....
June 13, 2025
By  Zohar Zigdon
company article
Malware Threat Research

JSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Ob...

In an extensive campaign affecting 270k webpages, compromised websites were injected with the esoteric JavaScript programming style JSF*ck to redirect users to ...
June 12, 2025
By  Hardik Shah , Brad Duncan , Pranay Kumar Chhaparwal
company article
Cloud Cybersecurity Research Malware Threat Research

The Evolution of Linux Binaries in Targeted Cloud Operations

Using data from machine learning tools, we predict a surge in cloud attacks leveraging reworked Linux Executable and Linkage Format (ELF) files....
June 10, 2025
By  Nathaniel Quist , Bill Batchelor
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts