Right arrow
Right arrow
Pictorial representation of SLOW#TEMPEST campaign. Digital artwork depicting a malware alert symbol on a computer screen, with background of blurred programming code in blue and red colors.
category iconThreat Research

Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
Pictorial representation of a ClickFix campaign. A glowing, red padlock illuminated with light particles, set against a dark, rainy backdrop.
category iconThreat Research

Fix the Click: Preventing the ClickFix Attack Vector
Pictorial representation of initial access brokers like TGR-CRI-0045. Digital concept image featuring a stream of glowing code with words like "Security," "Hackers," and "Crime" overlaid in bold text, symbolizing cybersecurity and data protection.
category iconThreat Actor Groups

GoldMelody’s Hidden Chords: Initial Access Broker In-Memory IIS Modules Revealed
Explore all the articles at the push of a button
View all articles

Access the latest threat research

View all research Right Arrow
Pictorial representation of CVEs such as CVE-2025-24813, CVE-2025-27636, CVE-2025-29891. Digital illustration of the United States with glowing connections and data flows across a map, symbolizing network connectivity and information technology.
category iconVulnerabilities

Apache Under the Lens: Tomcat’s Partial PUT and Camel’s Header Hijack
Read now
Pictorial representation of LNK malware. Digital abstract background featuring binary codes and connections, highlighted in blue tones in the shape of a skull, representing data and network concepts.
category iconMalware

Windows Shortcut (LNK) Malware Strategies
Read now
Pictorial representation of Iranian-backed threat groups and hacktivists. Digital illustration of a global network featuring interconnected lines and dots, suggesting a data-driven representation of worldwide connectivity, with a focus on technology and innovation. The image uses blue tones with red and light blue highlights.
category iconCybercrime

Threat Brief: Escalation of Cyber Risk Related to Iran (Updated June 30)
Read now

Understand high profile cyberthreats and vulnerabilities

View high profile threats Right Arrow
Pictorial representation of Iranian-backed threat groups and hacktivists. Digital illustration of a global network featuring interconnected lines and dots, suggesting a data-driven representation of worldwide connectivity, with a focus on technology and innovation. The image uses blue tones with red and light blue highlights.
category iconCybercrime

Threat Brief: Escalation of Cyber Risk Related to Iran (Updated June 30)
Read now
Pictorial representation of CVE-2025-31324. Nighttime cityscape with illuminated skyscrapers and vibrant light trails in the sky.
category iconVulnerabilities

Threat Brief: CVE-2025-31324 (Updated June 25)
Read now
Pictorial representation of Muddled Libra (Scattered Spider). Illustration of a zodiac symbol Libra represented by scales, set against a cosmic purple background with stars.
category iconMalware

Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
Read now
Pictorial representation of GitHub Actions supply chain attack. Digital illustration of a glowing blue brain connected to a network of lines and lights.
category iconCloud Cybersecurity Research

GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 4/2)
Read now
Pictorial representation of vulnerabilities like CVE-2025-0282, CVE-2025-0283. Digital representation of a global network with interconnected lines and nodes over a map, highlighting global connectivity and data exchange.
category iconVulnerabilities

Threat Brief: CVE-2025-0282 and CVE-2025-0283 (Updated March 11)
Read now
A pictorial representation of Akira ransomware, distributed by Howling Scorpius. A person's hand typing on a keyboard with a digital screen displaying the word "password" highlighted in blue, set against a backdrop of various cybersecurity interface graphics.
category iconRansomware

Threat Assessment: Howling Scorpius (Akira Ransomware)
Read now

Explore in-depth cybersecurity trend reports

View All Right Arrow
Report

Stay ahead of the trends reshaping the threat landscape.

The 2025 Unit 42 Global Incident Response Report reveals a shifting threat landscape marked by faster, more complex attacks.

Learn about:

  • The increasing speed of attacks: Understand how attackers leverage AI and advanced tactics to reach exfiltration within an hour, leaving minimal time to respond.
  • Evolving attack techniques: Discover how 70% of incidents now span three or more attack surfaces, emphasizing the need for holistic security across endpoints, networks, cloud environments and human factors.
  • Key emerging threat trends: Explore the rise of disruptive extortion, supply chain vulnerabilities, insider threats and AI-assisted attacks, and how they impact organizations across industries.

The message is clear: To combat these rising threats, organizations must prioritize rapid detection, response and comprehensive security strategies.

 

Get the report
Pictorial representation of the ransomware landscape. Digital artwork of a disintegrating U.S. dollar bill with pixelated effects on a cyber-inspired background.
category iconRansomware

Extortion and Ransomware Trends January-March 2025
Read now
Pictorial representation of securing GenAI. A glowing cube labeled "AI" centrally positioned on a circuit board with intricate electronic connections and blue lighting.
category iconVulnerabilities

How Prompt Attacks Exploit GenAI and How to Fight Back
Read now
A pictorial representation of AI threats. Looking over the shoulder of a man in the cockpit of a vessel in space, the window looks out on an Earth-like planet.
category iconSecurity Technology

Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks
Read now
Pictorial representation of attack surface management. Close-up of a person wearing glasses with computer code reflections on the lenses.
category iconSecurity Technology

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure
Read now

Experience the ultimate cybersecurity transformation event.

Watch On Demand Right Arrow

Symphony: The Ultimate Cybersecurity Transformation Event of 2025

Symphony was packed with exclusive insights, live demos and stories from pros who are already conquering the toughest threats with Cortex®.

Check out the keynote plus additional technical deep dives from our product experts available on Palo Alto Networks TV.

Simply create an account to unlock access to the Symphony encore content including:

  • Upgrading from Traditional SIEM to XSIAM
  • Defeat Multidomain Attacks with AI-Powered Endpoint Security
  • Securing Code to Cloud to SOC
Watch On Demand
Promotional image for 'Symphony 25,' a virtual summit by Palo Alto Networks and Cortex, featuring an individual with blonde hair against a neon-lit city background. Text reads 'Undermine Adversaries, Unleash SecOps.' Text on the bottom points to On Demand content.

Watch, listen and learn about cybersecurity topics

View All Right Arrow

Follow the activities of threat actor groups tracked by Unit 42

All threat actor posts Right Arrow
Pictorial representation of Iranian-backed threat groups and hacktivists. Digital illustration of a global network featuring interconnected lines and dots, suggesting a data-driven representation of worldwide connectivity, with a focus on technology and innovation. The image uses blue tones with red and light blue highlights.
category iconCybercrime

Threat Brief: Escalation of Cyber Risk Related to Iran (Updated June 30)
Read now
Pictorial representation of Muddled Libra (Scattered Spider). Illustration of a zodiac symbol Libra represented by scales, set against a cosmic purple background with stars.
category iconMalware

Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
Read now
Pictorial representation of the ransomware landscape. Digital artwork of a disintegrating U.S. dollar bill with pixelated effects on a cyber-inspired background.
category iconRansomware

Extortion and Ransomware Trends January-March 2025
Read now
Pictorial representation of APT Slow Pisces. The silhouette of two fish and the Pisces constellation inside an orange abstract planet. Background of stars and swirling purple and blue colors.
category iconCybercrime

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
Read now
Pictorial representation of APT Stately Taurus. The silhouette of a bull and the Taurus constellation inside an orange abstract planet. Abstract, stylized cosmic setting with vibrant blue and purple shapes, representing space and distant planetary bodies.
category iconMalware

Stately Taurus Activity in Southeast Asia Links to Bookworm Malware
Read now
A pictorial representation of an espionage operation against high-value targets in South Asia. Digital artwork featuring an abstract blend of vibrant blue, pink, and black colors with fragments of HTML code visible, creating a dynamic and modern visual effect against a glitch effect photo of someone typing on a keyboard.
category iconMalware

CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
Read now

Get the latest news, invites to events, and threat alerts

Default Heading

Read the article Right Arrow