Latest Blogs

POPULAR BLOGS

Popular Topics

SOC
Cortex Cloud
Agentic AI
Unit 42 Frontier AI Defense
Idira
Next-Generation Trust Security

Unit 42 Threat Research

company article
High Profile Threats Vulnerabilities

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257

We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257....
June 5, 2026
By  Andy Piazza , Unit 42
company article
High Profile Threats Malware

The npm Threat Landscape: Attack Surface and Mitigations (Updated...

Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. ...
June 2, 2026
By  Unit 42
company article
Malware Threat Research

Operation FlutterBridge: macOS Malvertising Campaign Spreads New ...

Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework....
June 2, 2026
By  Ido Asher , Noa Dekel , Tom Fakterman
company article
Cybercrime General Hacktivism Insights Threat Research

2026 World Cup: Discussing The World’s Biggest Game’s Attack Surf...

The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructure. Learn more here....
May 28, 2026
By  Justin Moore
company article
Cybercrime General Insights

Out of the Crypt: The Evolving Cyber Extortion Economy

Unit 42 explores trends in data theft and extortion, outlining key strategies for organizations as frontier AI models advance....
May 27, 2026
By  Matt Brady , Justin Moore
company article
Malware Threat Actor Groups

Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns

Unit 42 details Screening Serpens' use of AppDomainManager hijacking and new RAT variants to target tech and defense sectors in recent campaigns....
May 22, 2026
By  Unit 42
company article
Cloud Cybersecurity Research Threat Research

Paved With Intent: ROADtools and Nation-State Tactics in the Clou...

Open-source framework ROADtools is being misused by threat actors for cloud intrusions. Learn how to identify its malicious use....
May 22, 2026
By  Bill Batchelor , Eyal Rafian
company article
Malware Threat Research

Tracking TamperedChef Clusters via Certificate and Code Reuse

Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets. ...
May 20, 2026
By  Joseph Ganter
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts