Right arrow
Right arrow
Pictorial representation of multilayered attack chain. Biohazard symbol displayed over computer code, indicating a detected cybersecurity threat.
category iconThreat Research

Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis
Pictorial representation of APT Slow Pisces. The silhouette of two fish and the Pisces constellation inside an orange abstract planet. Background of stars and swirling purple and blue colors.
category iconThreat Actor Groups

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
Pictorial representation of securing GenAI. A glowing cube labeled "AI" centrally positioned on a circuit board with intricate electronic connections and blue lighting.
category iconTrend Reports

How Prompt Attacks Exploit GenAI and How to Fight Back
Explore all the articles at the push of a button
View all articles

Access the latest threat research

View all research Right Arrow
Digital representation of vulnerabilities in OpenID Connect (OIDC) implementations for cloud access. A cloud computing network over a blurred background of server racks in a data center.
category iconCloud Cybersecurity Research

OH-MY-DC: OIDC Misconfigurations in CI/CD
Read now
Pictorial representation of a QR code phishing campaign. Digital artwork of a futuristic, glowing shield disintegrating into small particles, set against a dark blue, speckled background.
category iconBusiness Email Compromise

Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon
Read now
Pictorial representation of cloud alert trends. Digital illustration of a glowing cloud composed of binary code, surrounded by dynamic red and blue light streaks, symbolizing cloud computing technology.
category iconCloud Cybersecurity Research

Cloud Threats on the Rise: Alert Trends Show Intensified Attacker Focus on IAM, Exfiltration
Read now

Understand high profile cyberthreats and vulnerabilities

View high profile threats Right Arrow
Pictorial representation of GitHub Actions supply chain attack. Digital illustration of a glowing blue brain connected to a network of lines and lights.
category iconCloud Cybersecurity Research

GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 4/2)
Read now
Pictorial representation of vulnerabilities like CVE-2025-0282, CVE-2025-0283. Digital representation of a global network with interconnected lines and nodes over a map, highlighting global connectivity and data exchange.
category iconVulnerabilities

Threat Brief: CVE-2025-0282 and CVE-2025-0283 (Updated March 11)
Read now
A pictorial representation of Akira ransomware, distributed by Howling Scorpius. A person's hand typing on a keyboard with a digital screen displaying the word "password" highlighted in blue, set against a backdrop of various cybersecurity interface graphics.
category iconRansomware

Threat Assessment: Howling Scorpius (Akira Ransomware)
Read now
Pictorial representation of vulnerabilities such as CVE-2024-0012 and CVE-2024-9474. A panoramic nighttime view of city skyline with illuminated high-rise buildings and vibrant lights.
category iconVulnerabilities

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)
Read now
Pictorial representation of a threat like BlackSuit ransomware. An illustration of a modern workspace with a laptop displaying cybersecurity icons, surrounded by stacks of coins and a credit card, all depicted in a neon, digital art style.
category iconRansomware

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
Read now
Pictorial representation of Lynx ransomware. A digital illustration of glowing chains with broken links, set against a background of binary code in blue and red.
category iconRansomware

Lynx Ransomware: A Rebranding of INC Ransomware
Read now

Explore in-depth cybersecurity trend reports

View All Right Arrow
Report

Stay ahead of the trends reshaping the threat landscape.

The 2025 Unit 42 Global Incident Response Report reveals a shifting threat landscape marked by faster, more complex attacks.

Learn about:

  • The increasing speed of attacks: Understand how attackers leverage AI and advanced tactics to reach exfiltration within an hour, leaving minimal time to respond.
  • Evolving attack techniques: Discover how 70% of incidents now span three or more attack surfaces, emphasizing the need for holistic security across endpoints, networks, cloud environments and human factors.
  • Key emerging threat trends: Explore the rise of disruptive extortion, supply chain vulnerabilities, insider threats and AI-assisted attacks, and how they impact organizations across industries.

The message is clear: To combat these rising threats, organizations must prioritize rapid detection, response and comprehensive security strategies.

 

Get the report
Cover of the Unit 42 Global Incident Response Report
A pictorial representation of AI threats. Looking over the shoulder of a man in the cockpit of a vessel in space, the window looks out on an Earth-like planet.
category iconSecurity Technology

Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks
Read now
Pictorial representation of attack surface management. Close-up of a person wearing glasses with computer code reflections on the lenses.
category iconSecurity Technology

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure
Read now
Pictorial representation of ransomware activity in the first half of 2024. A digitial illustration of a lock made up of nodes glowing against a background of bokeh points.
category iconRansomware

Ransomware Review: First Half of 2024
Read now
category iconCloud Cybersecurity Research

Attack Paths Into VMs in the Cloud
Read now

Experience the ultimate cybersecurity transformation event.

Watch On Demand Right Arrow

Symphony: The Ultimate Cybersecurity Transformation Event of 2025

Symphony was packed with exclusive insights, live demos and stories from pros who are already conquering the toughest threats with Cortex®.

Check out the keynote plus additional technical deep dives from our product experts available on Palo Alto Networks TV.

Simply create an account to unlock access to the Symphony encore content including:

  • Upgrading from Traditional SIEM to XSIAM
  • Defeat Multidomain Attacks with AI-Powered Endpoint Security
  • Securing Code to Cloud to SOC
Watch On Demand
Promotional image for 'Symphony 25,' a virtual summit by Palo Alto Networks and Cortex, featuring an individual with blonde hair against a neon-lit city background. Text reads 'Undermine Adversaries, Unleash SecOps.' Text on the bottom points to On Demand content.

Watch, listen and learn about cybersecurity topics

View All Right Arrow

Follow the activities of threat actor groups tracked by Unit 42

All threat actor posts Right Arrow
Pictorial representation of APT Stately Taurus. The silhouette of a bull and the Taurus constellation inside an orange abstract planet. Abstract, stylized cosmic setting with vibrant blue and purple shapes, representing space and distant planetary bodies.
category iconMalware

Stately Taurus Activity in Southeast Asia Links to Bookworm Malware
Read now
A pictorial representation of an espionage operation against high-value targets in South Asia. Digital artwork featuring an abstract blend of vibrant blue, pink, and black colors with fragments of HTML code visible, creating a dynamic and modern visual effect against a glitch effect photo of someone typing on a keyboard.
category iconMalware

CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
Read now
Pictorial representation of attackers leveraging Active Directory or LDAP. Close-up view of a server rack panel with illuminated lights and a digital display reading 'SYSTEM HACKED'.
category iconMalware

LDAP Enumeration: Unveiling the Double-Edged Sword of Active Directory
Read now
Pictorial representation of a threat like BlackSuit ransomware. An illustration of a modern workspace with a laptop displaying cybersecurity icons, surrounded by stacks of coins and a credit card, all depicted in a neon, digital art style.
category iconRansomware

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
Read now
A pictorial representation of a campaign like BeaverTail. Digital globe with interconnected network lines and data streams on a futuristic interface, symbolizing global connectivity and information technology advancements.
category iconBusiness Email Compromise

Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
Read now
A pictorial represntation of cybercrime like Silent Skimmer. A glowing red padlock on a wet surface with red particles floating in a misty, dark blue background.
category iconCybercrime

Silent Skimmer Gets Loud (Again)
Read now

Get the latest news, invites to events, and threat alerts

Default Heading

Read the article Right Arrow