Right arrow
Right arrow
A digital illustration of glowing blockchain links superimposed on a background of binary code, representing cybersecurity and digital transactions in the context of modern financial technologies.
category iconThreat Actor Groups

Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
A pictorial representation of DarkCloud Stealer. Hands type on a laptop. The image is overlaid with code containing syntax highlighting. The image has a glitch effect, suggesting cybersecurity or a cyber attack.
category iconThreat Research

DarkCloud Stealer: Comprehensive Analysis of a New Attack Chain That Employs AutoIt
Pictorial representation of CVE-2025-31324. Nighttime cityscape with illuminated skyscrapers and vibrant light trails in the sky.
category iconHigh Profile Threats

Threat Brief: CVE-2025-31324
Explore all the articles at the push of a button
View all articles

Access the latest threat research

View all research Right Arrow
Pictorial representation of .NET malware. Digital code on a screen with the word "System.Hack" highlighted, representing computer programming or cybersecurity concepts.
category iconMalware

Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
Read now
A suspected Iranian espionage campaign impersonated a model agency site for data collection, including fictitious models as possible social engineering lures.
category iconMalware

Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation
Read now
Pictorial representation of Lampion. Digital abstract background featuring binary codes and connections, highlighted in blue tones, representing data and network concepts.
category iconMalware

Lampion Is Back With ClickFix Lures
Read now

Understand high profile cyberthreats and vulnerabilities

View high profile threats Right Arrow
Pictorial representation of GitHub Actions supply chain attack. Digital illustration of a glowing blue brain connected to a network of lines and lights.
category iconCloud Cybersecurity Research

GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 4/2)
Read now
Pictorial representation of vulnerabilities like CVE-2025-0282, CVE-2025-0283. Digital representation of a global network with interconnected lines and nodes over a map, highlighting global connectivity and data exchange.
category iconVulnerabilities

Threat Brief: CVE-2025-0282 and CVE-2025-0283 (Updated March 11)
Read now
A pictorial representation of Akira ransomware, distributed by Howling Scorpius. A person's hand typing on a keyboard with a digital screen displaying the word "password" highlighted in blue, set against a backdrop of various cybersecurity interface graphics.
category iconRansomware

Threat Assessment: Howling Scorpius (Akira Ransomware)
Read now
Pictorial representation of vulnerabilities such as CVE-2024-0012 and CVE-2024-9474. A panoramic nighttime view of city skyline with illuminated high-rise buildings and vibrant lights.
category iconVulnerabilities

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)
Read now
Pictorial representation of a threat like BlackSuit ransomware. An illustration of a modern workspace with a laptop displaying cybersecurity icons, surrounded by stacks of coins and a credit card, all depicted in a neon, digital art style.
category iconRansomware

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
Read now
Pictorial representation of Lynx ransomware. A digital illustration of glowing chains with broken links, set against a background of binary code in blue and red.
category iconRansomware

Lynx Ransomware: A Rebranding of INC Ransomware
Read now

Explore in-depth cybersecurity trend reports

View All Right Arrow
Report

Stay ahead of the trends reshaping the threat landscape.

The 2025 Unit 42 Global Incident Response Report reveals a shifting threat landscape marked by faster, more complex attacks.

Learn about:

  • The increasing speed of attacks: Understand how attackers leverage AI and advanced tactics to reach exfiltration within an hour, leaving minimal time to respond.
  • Evolving attack techniques: Discover how 70% of incidents now span three or more attack surfaces, emphasizing the need for holistic security across endpoints, networks, cloud environments and human factors.
  • Key emerging threat trends: Explore the rise of disruptive extortion, supply chain vulnerabilities, insider threats and AI-assisted attacks, and how they impact organizations across industries.

The message is clear: To combat these rising threats, organizations must prioritize rapid detection, response and comprehensive security strategies.

 

Get the report
Pictorial representation of the ransomware landscape. Digital artwork of a disintegrating U.S. dollar bill with pixelated effects on a cyber-inspired background.
category iconRansomware

Extortion and Ransomware Trends January-March 2025
Read now
Pictorial representation of securing GenAI. A glowing cube labeled "AI" centrally positioned on a circuit board with intricate electronic connections and blue lighting.
category iconVulnerabilities

How Prompt Attacks Exploit GenAI and How to Fight Back
Read now
A pictorial representation of AI threats. Looking over the shoulder of a man in the cockpit of a vessel in space, the window looks out on an Earth-like planet.
category iconSecurity Technology

Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks
Read now
Pictorial representation of attack surface management. Close-up of a person wearing glasses with computer code reflections on the lenses.
category iconSecurity Technology

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure
Read now

Experience the ultimate cybersecurity transformation event.

Watch On Demand Right Arrow

Symphony: The Ultimate Cybersecurity Transformation Event of 2025

Symphony was packed with exclusive insights, live demos and stories from pros who are already conquering the toughest threats with Cortex®.

Check out the keynote plus additional technical deep dives from our product experts available on Palo Alto Networks TV.

Simply create an account to unlock access to the Symphony encore content including:

  • Upgrading from Traditional SIEM to XSIAM
  • Defeat Multidomain Attacks with AI-Powered Endpoint Security
  • Securing Code to Cloud to SOC
Watch On Demand
Promotional image for 'Symphony 25,' a virtual summit by Palo Alto Networks and Cortex, featuring an individual with blonde hair against a neon-lit city background. Text reads 'Undermine Adversaries, Unleash SecOps.' Text on the bottom points to On Demand content.

Watch, listen and learn about cybersecurity topics

View All Right Arrow

Follow the activities of threat actor groups tracked by Unit 42

All threat actor posts Right Arrow
Pictorial representation of the ransomware landscape. Digital artwork of a disintegrating U.S. dollar bill with pixelated effects on a cyber-inspired background.
category iconRansomware

Extortion and Ransomware Trends January-March 2025
Read now
Pictorial representation of APT Slow Pisces. The silhouette of two fish and the Pisces constellation inside an orange abstract planet. Background of stars and swirling purple and blue colors.
category iconCybercrime

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
Read now
Pictorial representation of APT Stately Taurus. The silhouette of a bull and the Taurus constellation inside an orange abstract planet. Abstract, stylized cosmic setting with vibrant blue and purple shapes, representing space and distant planetary bodies.
category iconMalware

Stately Taurus Activity in Southeast Asia Links to Bookworm Malware
Read now
A pictorial representation of an espionage operation against high-value targets in South Asia. Digital artwork featuring an abstract blend of vibrant blue, pink, and black colors with fragments of HTML code visible, creating a dynamic and modern visual effect against a glitch effect photo of someone typing on a keyboard.
category iconMalware

CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
Read now
Pictorial representation of attackers leveraging Active Directory or LDAP. Close-up view of a server rack panel with illuminated lights and a digital display reading 'SYSTEM HACKED'.
category iconMalware

LDAP Enumeration: Unveiling the Double-Edged Sword of Active Directory
Read now
Pictorial representation of a threat like BlackSuit ransomware. An illustration of a modern workspace with a laptop displaying cybersecurity icons, surrounded by stacks of coins and a credit card, all depicted in a neon, digital art style.
category iconRansomware

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
Read now

Get the latest news, invites to events, and threat alerts

Default Heading

Read the article Right Arrow