All news with #palo alto networks tag

🛡️ At Nutanix .NEXT 2026, Palo Alto Networks highlighted an expanded integration delivering native, automated security across Nutanix environments and was named Nutanix 2026 Global Security Partner of the Year. The partnership extends Layer‑7 protection via VM‑Series virtual firewalls, consistent hybrid cloud policies for Nutanix Cloud Clusters (NC2), and Panorama-driven automation. A forthcoming integration embeds Prisma AIRS into Nutanix Enterprise AI (NAI) to enforce AI Model Security, continuous AI Red Teaming, and unified visibility so only validated models reach production.

🔒 Unit 42 details how widespread Kubernetes attacks—driven by identity theft and exposed services—enable escalation from containers into cloud backends. The report highlights stolen service account tokens and the rapid exploitation of React2Shell (CVE-2025-55182), showing how attackers extract mounted tokens and cloud credentials. Practical mitigations include strict RBAC, short-lived projected tokens, runtime telemetry, and API audit logging. Unit 42 maps these behaviors to MITRE ATT&CK and provides detection examples.

📡 The UK Government’s 2026 Cyber Action Plan (GCAP) requires continuous, data-driven visibility across an expanding, borderless digital estate. Cortex Xpanse provides an agentless, outside-in EASM capability that continuously discovers internet-facing assets, uncovers shadow IT and unmanaged cloud, and prioritises exposures. It also supports supply chain assessments, aligns with NCSC guidance and integrates with automation tools to accelerate remediation and reporting.

🔒 Work has shifted into the browser, creating a broad visibility and control gap as employees access SaaS, collaborate with GenAI and interact across unmanaged devices. Legacy perimeter and endpoint tools cannot see last-mile actions such as sensitive uploads to unsanctioned models, malicious extensions, or agentic browser behaviors that reassemble malware in memory. Prisma Browser restores control with context-aware policies, embedded Enterprise DLP, continuous page inspection and governance for both human and agent activity, enabling safe AI use without blocking innovation.

🔎 Unit 42 identified converging cyberespionage clusters that targeted a Southeast Asian government between June and August 2025. The investigation found three simultaneous activity clusters—Stately Taurus, CL-STA-1048, and CL-STA-1049—using USB-propagated worms, multiple RATs, and stealthy loaders to establish persistent access and exfiltrate data. Unit 42 links tooling and TTPs to China-aligned actors and recommends layered defenses including Cortex XDR and Advanced WildFire.

🔒 Palo Alto Networks updated Prisma AIRS and its Prisma Browser to discover and map AI agents, models and connections across cloud, SaaS and endpoints, scan agent artifacts for vulnerabilities, and simulate agent-targeted attacks. Prisma AIRS 3.0 — contingent on the planned acquisition of Koi Security — will add an AI Agent Gateway to enforce agent runtime and identity security. Prisma Browser now detects user-generated AI activity, enforces content-aware boundaries, prevents sensitive data from leaking to unmanaged LLMs, and blocks prompt-injection attacks. Separately, following its CyberArk deal, Palo Alto introduced Next Generation Trust Security (NGTS) to automate certificate discovery and lifecycle management.

🔒 Palo Alto Networks announces the next evolution of Prisma SASE, engineered to secure the emerging era of agentic AI by treating autonomous agents as first-class identities. The platform reimagines Prisma Browser as a secure AI workspace, extending AI-powered data protection across endpoints, network, SaaS and GenAI apps while detecting prompt injection and agent hijacking. It also adds autonomous operations and resilient deployment options, including SASE Private Location and hyperscaler integration, to ensure always-on performance for machine-speed workflows.

🔒 Palo Alto Networks today introduced Prisma AIRS 3.0, a unified security platform designed to secure the emerging AI enterprise and agentic systems across cloud, SaaS, endpoints and browsers. The release emphasizes three pillars—Discover, Assess, Protect—expanding visibility from AI applications to live maps of enterprise agents and surfacing shadow AI. New capabilities include Agent Artifact Scanning, multiagent red teaming, an AI Agent Gateway for centralized policy enforcement, and agent identity controls to govern delegated access. Palo Alto positions the platform as a single control plane to replace point solutions and manage agent-specific runtime threats.

🔐 Prisma Browser for Business delivers a secure, browser-first workspace tailored to small businesses, combining enterprise-grade threat detection with a simplified admin experience. Built on Chromium and powered by Palo Alto Networks' Precision AI, it inspects webpages and extensions in real time to block AI-enabled phishing, browser-delivered malware, and risky extensions. The browser adds AI-aware controls to prevent sensitive data from being pasted into unauthorized GenAI tools and offers one-click SSO onboarding, preconfigured policies, and a 30-day no-contract trial.

🔐At the NRF Big Show in January 2026, Google introduced the Universal Commerce Protocol (UCP) and highlighted compatibility with the Agent Payments Protocol (AP2), promising tokenized payments and verifiable credentials. Unit 42 warns that indirect prompt injection—where agents ingest hidden instructions while browsing—can enable novel fraud such as gift card payload poisoning and refund logic hijacking. Industry forecasts (Bain, McKinsey) predict substantial agentic commerce adoption, increasing the attack surface. Recommended mitigations include protocol guardrails (AP2), Know Your Agent, agent reputation scoring, Unit 42 AI Security Assessments and Prisma AIRS.

🔒 The integration of Prisma AIRS with ServiceNow's AI Control Tower embeds AI runtime security and model governance directly into enterprise workflows. Prisma AIRS delivers real‑time detection and blocking of threats such as prompt injection and offensive outputs, while Model Security supplies risk profiles, red‑teaming results and vulnerability reports for third‑party and custom models. Together they provide centralized visibility, policy enforcement and safer AI adoption without disrupting user productivity.

⚠️ Unit 42 examines real-world instances where malware calls external LLMs for decision making or cosmetic effect. The researchers present two representative cases: a trio of obfuscated .NET infostealers that call OpenAI GPT-3.5-Turbo but largely perform "AI theater" by logging model outputs without functional integration, and a Go dropper that queries GPT-4 to gate Sliver payload execution. The report highlights detection opportunities and recommends Advanced Threat Prevention, Advanced WildFire, and Cortex XDR/XSIAM to monitor telemetry and IOCs.

🔒 Unit 42 examines the security tradeoffs of agentic AI, spotlighting the early 2026 Clawdbot surge and pervasive vulnerabilities such as exposed gateways, plaintext credentials, and overbroad permissions. The piece identifies two primary threat paths: malicious model files and compromised Model Context Protocol (MCP) servers, and explains how compromised agents can act as powerful insider threats. Practical guidance includes scanning and sandboxing models, preferring trusted remote MCPs or auditing local MCP code, enforcing strict least-privilege tool access, implementing prompt-injection guardrails, and maintaining detailed logging and policy reviews.

🤝 Palo Alto Networks has reimagined the NextWave Partner Program to align partners, customers and platform-driven security in the AI era. The update expands support for MSSPs, increases authorized services capacity with ASC and APS, and supports Distributor Managed Partner growth. It introduces a Partner Development Fund (PDF) to reinvest rebates into partner-led demand generation, training and solution development. New incentives, proficiency-based discounts and streamlined quoting and enablement tools emphasize platform adoption, operational readiness and profitable services within a framework of Access, Commitment and Profitability.

⚠️ Unit 42 demonstrates a genetic-algorithm-inspired prompt-fuzzing technique that automatically generates meaning-preserving variants of disallowed requests to evaluate LLM guardrails. Their experiments show evasion rates vary widely by keyword and model, with some combinations yielding high, operationally meaningful success rates. They recommend treating LLMs as probabilistic boundaries, applying layered controls, continuous adversarial testing, and using tools like Prisma AIRS and Unit 42 assessments to strengthen defenses.

🔒Boggy Serpens (aka MuddyWater) is a persistent Iranian cyberespionage group that has shifted from noisy spear phishing to tailored, long-term intrusion campaigns targeting diplomatic, maritime, energy and financial sectors. The actor exploits hijacked trusted accounts and blurred-document macros to bypass reputation filters and deploys AI-assisted and Rust-based implants such as BlackBeard, LampoRAT, UDPGangster and Nuso. Defenders should enforce strict macro controls and layered protections including Cortex XDR and Advanced WildFire to detect behavioral anomalies and limit long-term persistence.

🛡️ Palo Alto Networks' Unit 42 attributes a China-linked espionage campaign, tracked as CL-STA-1087, to long-running intrusions against Southeast Asian military organizations dating to 2020. The operators used staged loaders, DLL hijacking and sleep-based sandbox evasion to deploy backdoors AppleChris and MemFun, plus a credential stealer named Getpass. Persistent, modular tooling and Pastebin-based dead drops enabled stealthy, long-term access focused on C4I and organizational intelligence.

🔍 Palo Alto Networks Unit 42 details a persistent espionage campaign, CL-STA-1087, suspected to operate from China and targeting Southeast Asian military organizations. The actors used custom backdoors AppleChris and MemFun, plus a modified credential harvester Getpass, and relied on Pastebin/Dropbox dead-drop resolvers for stealthy C2 resolution. Unit 42 provides IoCs, SHA256 hashes and defensive guidance for Cortex XDR, Advanced WildFire and related protections.

🔒 Researchers at Unit 42, Palo Alto Networks' lab, have demonstrated that LLM-based safety and evaluation systems — called AI Judges — can be manipulated via prompt-injection-style token sequences. Their custom fuzzer, AdvJudge-Zero, probes models in a black-box manner, finding low-perplexity formatting tokens that shift internal attention and increase the likelihood of an 'allow' decision. Unit 42 recorded a 99% bypass rate across multiple architectures, and showed that adversarial retraining on fuzzer-discovered examples can reduce that success rate to near zero.

🔒 Palo Alto Networks has launched Prisma AIRS in the Singapore cloud region to provide locally hosted, AI-native cybersecurity for organizations adopting generative AI and agentic workflows. The regional landing delivers capabilities across AI Model Security, AI Red Teaming, AI Runtime Security, and AI Agent SSPM, addressing risks such as prompt injection, model tampering and sensitive data leaks. Local hosting supports data residency, regulatory alignment and improved performance for enterprises in Singapore.