Right arrow
Right arrow
Pictorial representation of the Prometei botnet. Person coding in a dark room, with monitors displaying software development code in various programming languages.
category iconThreat Research

Resurgence of the Prometei Botnet
Pictorial representation of KimJongRAT stealer. Image of a computer screen displaying code with a prominent Biohazard symbol in the center, accompanied by the text 'INFECTED' in red, indicating a cybersecurity threat.
category iconThreat Research

Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation
Pictorial representation of serverless tokens in the cloud. East Asian woman examining data on multiple screens in a high-tech environment, surrounded by digital graphics and code.
category iconThreat Research

Serverless Tokens in the Cloud: Exploitation and Detections
Explore all the articles at the push of a button
View all articles

Access the latest threat research

View all research Right Arrow
Pictorial representation of JSFuck or JSFiretruck. Close-up view of a digital screen displaying a glitched and pixelated image of a skull-like shape.
category iconMalware

JSFireTruck: Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique
Read now
Pictorial representation of ELF-based malware like NoodleRAT, Winnti, SSHdInjector, Pygmy Goat and AcidPour. Vibrant futuristic cityscape with glowing neon lines, clouds, and a dramatic sky at twilight.
category iconCloud Cybersecurity Research

The Evolution of Linux Binaries in Targeted Cloud Operations
Read now
Pictorial representation of AWS Roles Anywhere. Futuristic cityscape with glowing orange and blue structures, elevated clouds, and illuminated, scattered points representing lights or data points.
category iconCloud Cybersecurity Research

Roles Here? Roles There? Roles Anywhere: Exploring the Security of AWS IAM Roles Anywhere
Read now

Understand high profile cyberthreats and vulnerabilities

View high profile threats Right Arrow
Pictorial representation of CVE-2025-31324. Nighttime cityscape with illuminated skyscrapers and vibrant light trails in the sky.
category iconVulnerabilities

Threat Brief: CVE-2025-31324 (Updated May 23)
Read now
Pictorial representation of Muddled Libra (Scattered Spider). Illustration of a zodiac symbol Libra represented by scales, set against a cosmic purple background with stars.
category iconMalware

Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
Read now
Pictorial representation of GitHub Actions supply chain attack. Digital illustration of a glowing blue brain connected to a network of lines and lights.
category iconCloud Cybersecurity Research

GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 4/2)
Read now
Pictorial representation of vulnerabilities like CVE-2025-0282, CVE-2025-0283. Digital representation of a global network with interconnected lines and nodes over a map, highlighting global connectivity and data exchange.
category iconVulnerabilities

Threat Brief: CVE-2025-0282 and CVE-2025-0283 (Updated March 11)
Read now
A pictorial representation of Akira ransomware, distributed by Howling Scorpius. A person's hand typing on a keyboard with a digital screen displaying the word "password" highlighted in blue, set against a backdrop of various cybersecurity interface graphics.
category iconRansomware

Threat Assessment: Howling Scorpius (Akira Ransomware)
Read now
Pictorial representation of vulnerabilities such as CVE-2024-0012 and CVE-2024-9474. A panoramic nighttime view of city skyline with illuminated high-rise buildings and vibrant lights.
category iconVulnerabilities

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)
Read now

Explore in-depth cybersecurity trend reports

View All Right Arrow
Report

Stay ahead of the trends reshaping the threat landscape.

The 2025 Unit 42 Global Incident Response Report reveals a shifting threat landscape marked by faster, more complex attacks.

Learn about:

  • The increasing speed of attacks: Understand how attackers leverage AI and advanced tactics to reach exfiltration within an hour, leaving minimal time to respond.
  • Evolving attack techniques: Discover how 70% of incidents now span three or more attack surfaces, emphasizing the need for holistic security across endpoints, networks, cloud environments and human factors.
  • Key emerging threat trends: Explore the rise of disruptive extortion, supply chain vulnerabilities, insider threats and AI-assisted attacks, and how they impact organizations across industries.

The message is clear: To combat these rising threats, organizations must prioritize rapid detection, response and comprehensive security strategies.

 

Get the report
Pictorial representation of the ransomware landscape. Digital artwork of a disintegrating U.S. dollar bill with pixelated effects on a cyber-inspired background.
category iconRansomware

Extortion and Ransomware Trends January-March 2025
Read now
Pictorial representation of securing GenAI. A glowing cube labeled "AI" centrally positioned on a circuit board with intricate electronic connections and blue lighting.
category iconVulnerabilities

How Prompt Attacks Exploit GenAI and How to Fight Back
Read now
A pictorial representation of AI threats. Looking over the shoulder of a man in the cockpit of a vessel in space, the window looks out on an Earth-like planet.
category iconSecurity Technology

Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks
Read now
Pictorial representation of attack surface management. Close-up of a person wearing glasses with computer code reflections on the lenses.
category iconSecurity Technology

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure
Read now

Experience the ultimate cybersecurity transformation event.

Watch On Demand Right Arrow

Symphony: The Ultimate Cybersecurity Transformation Event of 2025

Symphony was packed with exclusive insights, live demos and stories from pros who are already conquering the toughest threats with Cortex®.

Check out the keynote plus additional technical deep dives from our product experts available on Palo Alto Networks TV.

Simply create an account to unlock access to the Symphony encore content including:

  • Upgrading from Traditional SIEM to XSIAM
  • Defeat Multidomain Attacks with AI-Powered Endpoint Security
  • Securing Code to Cloud to SOC
Watch On Demand
Promotional image for 'Symphony 25,' a virtual summit by Palo Alto Networks and Cortex, featuring an individual with blonde hair against a neon-lit city background. Text reads 'Undermine Adversaries, Unleash SecOps.' Text on the bottom points to On Demand content.

Watch, listen and learn about cybersecurity topics

View All Right Arrow

Follow the activities of threat actor groups tracked by Unit 42

All threat actor posts Right Arrow
Pictorial representation of Muddled Libra (Scattered Spider). Illustration of a zodiac symbol Libra represented by scales, set against a cosmic purple background with stars.
category iconMalware

Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
Read now
Pictorial representation of the ransomware landscape. Digital artwork of a disintegrating U.S. dollar bill with pixelated effects on a cyber-inspired background.
category iconRansomware

Extortion and Ransomware Trends January-March 2025
Read now
Pictorial representation of APT Slow Pisces. The silhouette of two fish and the Pisces constellation inside an orange abstract planet. Background of stars and swirling purple and blue colors.
category iconCybercrime

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
Read now
Pictorial representation of APT Stately Taurus. The silhouette of a bull and the Taurus constellation inside an orange abstract planet. Abstract, stylized cosmic setting with vibrant blue and purple shapes, representing space and distant planetary bodies.
category iconMalware

Stately Taurus Activity in Southeast Asia Links to Bookworm Malware
Read now
A pictorial representation of an espionage operation against high-value targets in South Asia. Digital artwork featuring an abstract blend of vibrant blue, pink, and black colors with fragments of HTML code visible, creating a dynamic and modern visual effect against a glitch effect photo of someone typing on a keyboard.
category iconMalware

CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
Read now
Pictorial representation of attackers leveraging Active Directory or LDAP. Close-up view of a server rack panel with illuminated lights and a digital display reading 'SYSTEM HACKED'.
category iconMalware

LDAP Enumeration: Unveiling the Double-Edged Sword of Active Directory
Read now

Get the latest news, invites to events, and threat alerts

Default Heading

Read the article Right Arrow