Latest Blogs
Unit 42 Threat Research
New Prompt Injection Attack Vectors Through MCP Sampling
Model Context Protocol connects LLM apps to external data sources or tools. We examine its security implications through various attack vectors....
Critical Vulnerabilities in React Server Components and Next.js
We discuss the CVSS 10.0-rated RCE vulnerabilities in the Flight protocol used by React Server Components. These are tracked as CVE-2025-55182 and CVE-2025-5518...
The Browser Defense Playbook: Stopping the Attacks That Start on ...
85% of daily work occurs in the browser. Unit 42 outlines key security controls and strategies to make sure yours is secure....
The Golden Scale: 'Tis the Season for Unwanted Gifts
Unit 42 shares further updates of cybercrime group Scattered LAPSUS$ Hunters. Secure your organization this holiday season. ...
"Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attac...
Self-replicating worm “Shai-Hulud” has compromised hundreds of software packages in a supply chain attack targeting the npm ecosystem. We discuss scope and ...
The Dual-Use Dilemma of AI: Malicious LLMs
The line between research tool and threat creation engine is thin. We examine the capabilities of WormGPT 4 and KawaiiGPT, two malicious LLMs....
Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to...
Unit 42 outlines a Howling Scorpius attack delivering Akira ransomware that originated from a fake CAPTCHA and led to a 42-day compromise....
Digital Doppelgangers: Anatomy of Evolving Impersonation Campaign...
Two campaigns delivering Gh0st RAT to Chinese speakers show a deep understanding of the target population's virtual environment and online behavior....
Subscribe to the Newsletter!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.