Latest Blogs

POPULAR BLOGS

Popular Topics

SOC
Code to Cloud
Runtime Protection
Real-time cloud security
Cortex Cloud
Agentic AI

Unit 42 Threat Research

company article
Malware Threat Research

Phishing on the Edge of the Web and Mobile Using QR Codes

We discuss the extensive use of malicious QR codes using URL shorteners, in-app deep links and direct APK downloads to bypass mobile security....
February 13, 2026
By  Diva-Oriane Marty , Shehroze Farooqi , Alex Starov
company article
High Profile Threats Malware

Nation-State Actors Exploit Notepad++ Supply Chain

Unit 42 reveals new infrastructure associated with the Notepad++ attack. This expands understanding of threat actor operations and malware delivery....
February 11, 2026
By  Unit 42
company article
Cybercrime Threat Actor Groups

A Peek Into Muddled Libra’s Operational Playbook

Explore the tools Unit 42 found on a Muddled Libra rogue host. Learn how they target domain controllers and use search engines to aid their attacks....
February 10, 2026
By  Justin De Luna , Noah Rincon , Cuong Dinh
company article
Cloud Cybersecurity Research Threat Research

Novel Technique to Detect Cloud Threat Actor Operations

We introduce a novel method that maps cloud alert trends to MITRE ATT&CK techniques. The patterns created could identify threat actors by behavior....
February 6, 2026
By  Nathaniel Quist
company article
Nation-State Cyberattacks Threat Actor Groups

The Shadow Campaigns: Uncovering Global Espionage

In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155....
February 5, 2026
By  Unit 42
company article
Business Email Compromise Cybercrime Insights Opinions

Why Smart People Fall For Phishing Attacks

Why do successful phishing attacks target our psychology rather than just our software? Discover Unit 42’s latest insights on defeating social engineering and...
February 3, 2026
By  Ria Bhatia
company article
Threat Research Vulnerabilities

Privileged File System Vulnerability Present in a SCADA System

We detail our discovery of CVE-2025-0921. This privileged file system flaw in SCADA system Iconics Suite could lead to a denial-of-service (DoS) attack....
January 30, 2026
By  Asher Davila , Malav Vyas
company article
Cybercrime Insights Opinions

Understanding the Russian Cyberthreat to the 2026 Winter Olympics

Russia's current isolation from the Olympics may lead to increased cyberthreats targeting the 2026 Winter Games. We discuss the potential threat picture....
January 29, 2026
By  Justin Moore
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts