Latest Blogs

POPULAR BLOGS

Popular Topics

SOC
Code to Cloud
Runtime Protection
Real-time cloud security
Cortex Cloud
Agentic AI

Unit 42 Threat Research

company article
Cloud Cybersecurity Research Threat Research

Novel Technique to Detect Cloud Threat Actor Operations

We introduce a novel method that maps cloud alert trends to MITRE ATT&CK techniques. The patterns created could identify threat actors by behavior....
February 6, 2026
By  Nathaniel Quist
company article
Nation-State Cyberattacks Threat Actor Groups

The Shadow Campaigns: Uncovering Global Espionage

In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155....
February 5, 2026
By  Unit 42
company article
Business Email Compromise Cybercrime Insights Opinions

Why Smart People Fall For Phishing Attacks

Why do successful phishing attacks target our psychology rather than just our software? Discover Unit 42’s latest insights on defeating social engineering and...
February 3, 2026
By  Ria Bhatia
company article
Threat Research Vulnerabilities

Privileged File System Vulnerability Present in a SCADA System

We detail our discovery of CVE-2025-0921. This privileged file system flaw in SCADA system Iconics Suite could lead to a denial-of-service (DoS) attack....
January 30, 2026
By  Asher Davila , Malav Vyas
company article
Cybercrime Insights Opinions

Understanding the Russian Cyberthreat to the 2026 Winter Olympics

Russia's current isolation from the Olympics may lead to increased cyberthreats targeting the 2026 Winter Games. We discuss the potential threat picture....
January 29, 2026
By  Justin Moore
company article
General Insights

Happy 9th Anniversary, CTA: A Celebration of Collaboration in Cyb...

Unit 42 celebrates 9 years of the Cyber Threat Alliance, tracing its journey from a bold idea to a global leader in collaborative cyber defense....
January 23, 2026
By  Kathi Whitbey
company article
Malware Threat Research

The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to...

We discuss a novel AI-augmented attack method where malicious webpages use LLM services to generate dynamic code in real-time within a browser....
January 22, 2026
By  Shehroze Farooqi , Alex Starov , Diva-Oriane Marty , Billy Melicher
company article
Cloud Cybersecurity Research DNS Threat Research

DNS OverDoS: Are Private Endpoints Too Private?

We've identified an aspect of Azure’s Private Endpoint architecture that could expose Azure resources to denial of service (DoS) attacks....
January 20, 2026
By  Golan Myers
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts