< ciso brief />

All news with #unit 42 tag

69 articles

Tracking TamperedChef: Malicious Productivity Software

🔎 Unit 42 documents clusters of TamperedChef-style campaigns that trojanize productivity tools (e.g., PDF editors, calendars) to deliver stealers, RATs and proxies. These operations use malvertising-driven distribution, legitimate-looking sites, frequent binary rebuilds and code signing to evade detection. We tracked three clusters (CL-CRI-1089, CL-UNK-1090, CL-UNK-1110), over 4,000 samples and 100 variants. If compromised, contact the Unit 42 Incident Response team for assistance.

Gremlin Stealer Evolves into Modular, Stealthy Infostealer

🔍 Researchers at Palo Alto Networks' Unit 42 say the Gremlin stealer has progressed from a basic credential harvester into a modular, stealth-oriented toolkit. New builds embed payloads in the .NET resource section and apply XOR obfuscation to evade static and heuristic detection. The threat continues to exfiltrate data via private web panels and the Telegram Bot API, while adding Discord token theft, a clipboard-based crypto clipper, and WebSocket session hijacking.

West Pharmaceutical hit by cyberattack; data stolen

🔒 West Pharmaceutical Services disclosed a cyberattack detected on May 4, 2026, that resulted in data exfiltration and encryption of certain systems. The company took affected infrastructure offline globally for containment, notified law enforcement, and engaged external responders including Palo Alto Networks Unit 42. Core enterprise systems supporting shipping and manufacturing have been partially restored, but full recovery and the scope of stolen data remain under investigation.

Defender's Guide: Frontier AI Impact on Cybersecurity

🔒 Palo Alto Networks reports ongoing testing of frontier AI models, including Anthropic and OpenAI, finding they rapidly surface code vulnerabilities and potential exploit paths. In the May 'Patch Wednesday' advisories the majority of findings originated from these AI scans, prompting broad rescanning and remediation. The company warns of a narrow three-to-five-month window before AI-driven exploits spread and offers Unit 42 services to help organizations respond.

PAN-OS Critical RCE Exploit Observed in the Wild - May 2026

⚠️ Palo Alto Networks disclosed that threat actors attempted and later succeeded in exploiting a critical buffer overflow, CVE-2026-0300, in the PAN-OS User-ID Authentication Portal, enabling unauthenticated remote code execution as root. Unit 42 linked activity to a suspected state-sponsored cluster tracked as CL-STA-1132, noting shellcode was injected into an nginx worker. Customers are advised to restrict access to trusted zones or disable the portal if unused, and to apply fixes expected to begin rolling out on May 13, 2026.

PAN‑OS Firewall RCE Zero‑Day Exploited Since April 9

🔴 Palo Alto Networks warns that suspected state‑sponsored actors have exploited a critical PAN‑OS zero‑day (CVE-2026-0300) in the User‑ID Authentication Portal, enabling unauthenticated remote code execution as root on exposed PA‑ and VM‑Series firewalls. Unit 42 says initial probing began April 9, with successful exploitation occurring about a week later; attackers cleaned logs and deployed tunneling tools. Palo Alto notes Cloud NGFW and Panorama are not affected and will issue patches starting May 13; administrators should restrict or disable the authentication portal until updates are applied.

PAN-OS Captive Portal Zero-Day Exploitation and Activity

🔒 Unit 42 details exploitation of a buffer overflow vulnerability (CVE-2026-0300) in the PAN-OS User-ID Authentication Portal that permits unauthenticated remote code execution as root on affected PA‑Series and VM‑Series firewalls. Observed adversary activity included shellcode injection into an nginx worker, rapid log and evidence cleanup, and deployment of tunneling tools such as EarthWorm and ReverseSocks5. Immediate mitigations are to restrict or disable the portal, apply vendor guidance, and enable available threat signatures and protections.

Shai-Hulud Worm Elevates npm Supply-Chain Risk Globally

🔒 Unit 42 describes a fundamental shift in the npm threat landscape following the September 2025 Shai‑Hulud worm and subsequent 2026 incidents. Adversaries now harvest npm and GitHub tokens to persist inside CI/CD pipelines, deploy dormant multi‑stage payloads, and automatically republish backdoored packages. The report attributes a broad, coordinated campaign to TeamPCP, documents propagation via Docker Hub, GitHub Actions and VS Code extensions, and recommends mitigations such as credential rotation, egress filtering, and dependency pinning.

TGR-STA-1030 Targets New Activity in Central America

🔎 Since February, Unit 42 has observed sustained operations by TGR-STA-1030 across multiple countries, with a pronounced concentration in Central and South America. The observed intrusions reuse the same tactics, techniques, and procedures previously attributed to this group, indicating continuity with prior espionage campaigns. Analysts reference The Shadow Campaigns: Uncovering Global Espionage for historical context, and advise organizations in affected regions to review detections and strengthen defensive controls.

BlackFile extortion gang targets retail and hospitality

📞 BlackFile, a financially motivated extortion group active since February 2026, is using vishing and spoofed VoIP/CNAM calls to impersonate IT support and harvest employee credentials and one-time passcodes. Palo Alto Networks' Unit 42 and RH-ISAC report attackers register devices to bypass multifactor authentication, escalate to executive accounts, and search Salesforce and SharePoint via APIs for files containing terms like 'confidential' and 'SSN'. Stolen data is moved to attacker-controlled infrastructure and published on a dark web leak site before seven-figure ransom demands are issued; victims have also faced swatting and targeted harassment. Organizations are advised to tighten call-handling policies, enforce caller identity verification, and conduct simulation-based social engineering training.

Frontier AI and the Future of Cyber Defense Playbook

🔒 Palo Alto Networks' Unit 42 summarizes the ten most frequent CISO questions about frontier AI, outlining operational risks, strategic impacts, and prioritized mitigation steps. The piece characterizes frontier models (for example, Anthropic Mythos) as advanced foundational systems that can autonomously find vulnerabilities, chain exploits, and scale reconnaissance and social engineering at machine speed. Unit 42 urges organizations to prioritize findings by attacker reachability and AI exploitability, adopt machine-speed defenses, integrate frontier models into the SDLC, and consider the Unit 42 Frontier AI Defense service and a CISO checklist for immediate and long-term hardening.

Zealot: Autonomous AI Attacks on Cloud Environments

🔒 Unit 42 demonstrates Zealot, a multi-agent LLM proof of concept that autonomously chained well-known cloud exploits in an isolated GCP sandbox. The system coordinated specialist agents to perform reconnaissance, exploit an SSRF vulnerability, steal metadata service credentials, impersonate service accounts and exfiltrate BigQuery data without step-by-step human prompts. The report emphasizes that AI acts as a force multiplier—accelerating exploitation of misconfigurations rather than inventing novel techniques—and urges defenders to harden metadata access, enforce least privilege and adopt machine-speed detection and response.

Frontier AI Raises Software Vulnerability Risks, Urgency

⚠️ Unit 42's hands-on evaluation finds frontier AI models can autonomously identify complex software vulnerabilities and map exploit chains, dramatically accelerating the discovery-to-exploitation timeline. The researchers warn this capability raises immediate risks to open source projects and supply chains, and will compress N-day windows to hours. They urge aggressive prevention, automated patching, and hardened development pipelines.

Mirai Variant 'Nexcorium' Exploits TBK DVR, TP‑Link Flaws

🔒 Fortinet FortiGuard Labs and Palo Alto Networks Unit 42 report that threat actors are exploiting a command injection flaw, CVE-2024-3721, in TBK DVR devices to deliver a Mirai-family loader tracked as Nexcorium. The loader installs architecture-specific binaries, establishes persistence via crontab and systemd, and uses hard-coded credential lists plus an exploit for CVE-2017-17215 to spread to Huawei HG532 devices. Unit 42 also observed automated scans targeting EoL TP-Link routers via CVE-2023-33538, though initial attempts were flawed and did not achieve compromise. Researchers warn that unpatched, unsupported IoT devices and default credentials continue to enable large-scale DDoS botnets and recommend replacing EoL hardware and removing default passwords.

Palo Alto Networks Launches Frontier AI Alliance Now

🔐 Palo Alto Networks today announced the Frontier AI Alliance with Accenture, Deloitte, IBM, NTT DATA and PwC to accelerate enterprise defenses against emergent frontier AI models. The alliance integrates Unit 42® Frontier AI Defense with partner implementation and remediation capabilities to deliver a validated AI Defense Blueprint and rapid exposure analysis. Together they offer on‑demand expertise and operational support to achieve accelerated immunity and resilience at machine speed, shortening hardening timelines from years to weeks.

Palo Alto Networks Introduces Unit 42 Frontier AI Defense

🔒 Palo Alto Networks' Unit 42 is launching Frontier AI Defense, a consulting-led program that evaluates whether organizations are prepared for AI-powered attacks and provides six months of complimentary access to Cortex XDR, Cortex Xpanse and Koi Agentic Security for eligible customers. The offering pairs frontier AI models with Unit 42 offensive security expertise and threat telemetry to identify, validate and prioritize vulnerabilities, misconfigurations and attack paths most likely to be weaponized. It also delivers an Autonomous Security Blueprint to benchmark gaps and an Agentic Defense Transformation to implement prioritized architectural, control and operational changes that reduce exposure and improve containment.

Axios npm Supply Chain Attack Injects Cross-Platform RAT

⚠ A compromised npm maintainer account led to malicious Axios releases (v1.14.1 and v0.30.4) that introduced a hidden dependency, plain-crypto-js@4.2.1, which deployed a cross-platform remote access trojan (RAT). The postinstall lifecycle script executed a heavily obfuscated Node.js dropper that retrieved platform-specific payloads from a C2 at sfrclak[.]com:8000. Payloads for macOS, Windows and Linux implement a unified RAT protocol with 60-second beacons and capabilities to run commands, inject binaries and remove themselves. Unit 42 recommends immediate isolation, rebuilds from known-good images, credential rotation, dependency pinning and network egress blocking to the C2.

Phishing Impersonating Palo Alto Networks Recruiters

🔔 Unit 42 reports a targeted phishing campaign where attackers impersonate Palo Alto Networks talent acquisition staff to lure senior professionals. Adversaries use scraped LinkedIn data, company logos, and look-alike email domains to claim candidates’ resumes fail applicant tracking systems and pressure them into paid 'ATS alignment' services. Recipients are advised to verify sender domains, refuse payment requests, avoid suspicious attachments, and report incidents to corporate security and Unit 42 for assistance.

Agentic Commerce Risks: AI-Enabled Retail Fraud Scenarios

🔐 At the NRF Big Show in January 2026, Google introduced the Universal Commerce Protocol (UCP) and highlighted compatibility with the Agent Payments Protocol (AP2), promising tokenized payments and verifiable credentials. Unit 42 warns that indirect prompt injection—where agents ingest hidden instructions while browsing—can enable novel fraud such as gift card payload poisoning and refund logic hijacking. Industry forecasts (Bain, McKinsey) predict substantial agentic commerce adoption, increasing the attack surface. Recommended mitigations include protocol guardrails (AP2), Know Your Agent, agent reputation scoring, Unit 42 AI Security Assessments and Prisma AIRS.

Analyzing Current Use of AI in Malware: Unit 42 Report

⚠️ Unit 42 examines real-world instances where malware calls external LLMs for decision making or cosmetic effect. The researchers present two representative cases: a trio of obfuscated .NET infostealers that call OpenAI GPT-3.5-Turbo but largely perform "AI theater" by logging model outputs without functional integration, and a Go dropper that queries GPT-4 to gate Sliver payload execution. The report highlights detection opportunities and recommends Advanced Threat Prevention, Advanced WildFire, and Cortex XDR/XSIAM to monitor telemetry and IOCs.