< ciso
brief />
Tag Banner

All news with #unit 42 tag

78 articles · page 2 of 4

Zealot: Autonomous AI Attacks on Cloud Environments

🔒 Unit 42 demonstrates Zealot, a multi-agent LLM proof of concept that autonomously chained well-known cloud exploits in an isolated GCP sandbox. The system coordinated specialist agents to perform reconnaissance, exploit an SSRF vulnerability, steal metadata service credentials, impersonate service accounts and exfiltrate BigQuery data without step-by-step human prompts. The report emphasizes that AI acts as a force multiplier—accelerating exploitation of misconfigurations rather than inventing novel techniques—and urges defenders to harden metadata access, enforce least privilege and adopt machine-speed detection and response.
read more →

Frontier AI Raises Software Vulnerability Risks, Urgency

⚠️ Unit 42's hands-on evaluation finds frontier AI models can autonomously identify complex software vulnerabilities and map exploit chains, dramatically accelerating the discovery-to-exploitation timeline. The researchers warn this capability raises immediate risks to open source projects and supply chains, and will compress N-day windows to hours. They urge aggressive prevention, automated patching, and hardened development pipelines.
read more →

Mirai Variant 'Nexcorium' Exploits TBK DVR, TP‑Link Flaws

🔒 Fortinet FortiGuard Labs and Palo Alto Networks Unit 42 report that threat actors are exploiting a command injection flaw, CVE-2024-3721, in TBK DVR devices to deliver a Mirai-family loader tracked as Nexcorium. The loader installs architecture-specific binaries, establishes persistence via crontab and systemd, and uses hard-coded credential lists plus an exploit for CVE-2017-17215 to spread to Huawei HG532 devices. Unit 42 also observed automated scans targeting EoL TP-Link routers via CVE-2023-33538, though initial attempts were flawed and did not achieve compromise. Researchers warn that unpatched, unsupported IoT devices and default credentials continue to enable large-scale DDoS botnets and recommend replacing EoL hardware and removing default passwords.
read more →

Palo Alto Networks Launches Frontier AI Alliance Now

🔐 Palo Alto Networks today announced the Frontier AI Alliance with Accenture, Deloitte, IBM, NTT DATA and PwC to accelerate enterprise defenses against emergent frontier AI models. The alliance integrates Unit 42® Frontier AI Defense with partner implementation and remediation capabilities to deliver a validated AI Defense Blueprint and rapid exposure analysis. Together they offer on‑demand expertise and operational support to achieve accelerated immunity and resilience at machine speed, shortening hardening timelines from years to weeks.
read more →

Palo Alto Networks Introduces Unit 42 Frontier AI Defense

🔒 Palo Alto Networks' Unit 42 is launching Frontier AI Defense, a consulting-led program that evaluates whether organizations are prepared for AI-powered attacks and provides six months of complimentary access to Cortex XDR, Cortex Xpanse and Koi Agentic Security for eligible customers. The offering pairs frontier AI models with Unit 42 offensive security expertise and threat telemetry to identify, validate and prioritize vulnerabilities, misconfigurations and attack paths most likely to be weaponized. It also delivers an Autonomous Security Blueprint to benchmark gaps and an Agentic Defense Transformation to implement prioritized architectural, control and operational changes that reduce exposure and improve containment.
read more →

Axios npm Supply Chain Attack Injects Cross-Platform RAT

⚠ A compromised npm maintainer account led to malicious Axios releases (v1.14.1 and v0.30.4) that introduced a hidden dependency, plain-crypto-js@4.2.1, which deployed a cross-platform remote access trojan (RAT). The postinstall lifecycle script executed a heavily obfuscated Node.js dropper that retrieved platform-specific payloads from a C2 at sfrclak[.]com:8000. Payloads for macOS, Windows and Linux implement a unified RAT protocol with 60-second beacons and capabilities to run commands, inject binaries and remove themselves. Unit 42 recommends immediate isolation, rebuilds from known-good images, credential rotation, dependency pinning and network egress blocking to the C2.
read more →

Phishing Impersonating Palo Alto Networks Recruiters

🔔 Unit 42 reports a targeted phishing campaign where attackers impersonate Palo Alto Networks talent acquisition staff to lure senior professionals. Adversaries use scraped LinkedIn data, company logos, and look-alike email domains to claim candidates’ resumes fail applicant tracking systems and pressure them into paid 'ATS alignment' services. Recipients are advised to verify sender domains, refuse payment requests, avoid suspicious attachments, and report incidents to corporate security and Unit 42 for assistance.
read more →

Agentic Commerce Risks: AI-Enabled Retail Fraud Scenarios

🔐At the NRF Big Show in January 2026, Google introduced the Universal Commerce Protocol (UCP) and highlighted compatibility with the Agent Payments Protocol (AP2), promising tokenized payments and verifiable credentials. Unit 42 warns that indirect prompt injection—where agents ingest hidden instructions while browsing—can enable novel fraud such as gift card payload poisoning and refund logic hijacking. Industry forecasts (Bain, McKinsey) predict substantial agentic commerce adoption, increasing the attack surface. Recommended mitigations include protocol guardrails (AP2), Know Your Agent, agent reputation scoring, Unit 42 AI Security Assessments and Prisma AIRS.
read more →

Analyzing Current Use of AI in Malware: Unit 42 Report

⚠️ Unit 42 examines real-world instances where malware calls external LLMs for decision making or cosmetic effect. The researchers present two representative cases: a trio of obfuscated .NET infostealers that call OpenAI GPT-3.5-Turbo but largely perform "AI theater" by logging model outputs without functional integration, and a Go dropper that queries GPT-4 to gate Sliver payload execution. The report highlights detection opportunities and recommends Advanced Threat Prevention, Advanced WildFire, and Cortex XDR/XSIAM to monitor telemetry and IOCs.
read more →

Chinese APT Targets Southeast Asian Militaries Since 2020

🛡️ Palo Alto Networks' Unit 42 attributes a China-linked espionage campaign, tracked as CL-STA-1087, to long-running intrusions against Southeast Asian military organizations dating to 2020. The operators used staged loaders, DLL hijacking and sleep-based sandbox evasion to deploy backdoors AppleChris and MemFun, plus a credential stealer named Getpass. Persistent, modular tooling and Pastebin-based dead drops enabled stealthy, long-term access focused on C4I and organizational intelligence.
read more →

Suspected China-Linked Espionage Against SE Asian Militaries

🔍 Palo Alto Networks Unit 42 details a persistent espionage campaign, CL-STA-1087, suspected to operate from China and targeting Southeast Asian military organizations. The actors used custom backdoors AppleChris and MemFun, plus a modified credential harvester Getpass, and relied on Pastebin/Dropbox dead-drop resolvers for stealthy C2 resolution. Unit 42 provides IoCs, SHA256 hashes and defensive guidance for Cortex XDR, Advanced WildFire and related protections.
read more →

Researchers Find Major Security Flaws in LLM Guardrails

🔒 Researchers at Unit 42, Palo Alto Networks' lab, have demonstrated that LLM-based safety and evaluation systems — called AI Judges — can be manipulated via prompt-injection-style token sequences. Their custom fuzzer, AdvJudge-Zero, probes models in a black-box manner, finding low-perplexity formatting tokens that shift internal attention and increase the likelihood of an 'allow' decision. Unit 42 recorded a 99% bypass rate across multiple architectures, and showed that adversarial retraining on fuzzer-discovered examples can reduce that success rate to near zero.
read more →

Chinese-linked CL-UNK-1068 Targets Asian Critical Sectors

🛡️ Palo Alto Networks Unit 42 attributes a years-long espionage campaign against high-value organizations in South, Southeast and East Asia to a previously undocumented cluster dubbed CL-UNK-1068. The actor uses a mixed toolkit of custom malware, modified open-source utilities and living-off-the-land binaries to operate on both Windows and Linux. Intrusions commonly begin with web server exploits and web shells, followed by credential theft and targeted file harvesting. Researchers observed novel exfiltration methods—archiving with WinRAR, Base64-encoding via certutil, and printing the encoded output to the web shell to avoid direct file transfer.
read more →

Fooling AI Agents: Web-Based Indirect Prompt Injection

⚠️ Unit 42 researchers describe web-based indirect prompt injection (IDPI), where adversaries embed hidden or obfuscated instructions in webpages that are later consumed by LLMs and agentic systems. The report catalogs 22 payload engineering techniques, presents a taxonomy of attacker intents from low to critical, and details multiple in-the-wild detections, including the first observed AI ad-review bypass. It emphasizes detection, intent analysis and web-scale defenses to protect automated pipelines.
read more →

Threat Brief: March 2026 Iran-Related Cyber Escalation

⚠️ Beginning Feb. 28, 2026, Unit 42 observed a rapid escalation in cyber activity tied to Iran following joint U.S.–Israeli strikes, coinciding with an internal internet outage that reduced connectivity in Iran to 1–4%. That loss likely constrains coordinated state-aligned campaigns from inside Iran while enabling decentralized and geographically dispersed actors to increase disruptive operations. Unit 42 identified a phishing campaign using a malicious replica of the Israeli Home Front Command RedAlert APK and tracked about 60 active hacktivist groups claiming DDoS, wiper, and hack-and-leak operations. Organizations should prioritize multi-layered defenses, offline backups, strict out-of-band verification, patching, monitoring, and incident response preparedness; Palo Alto Networks and Unit 42 offer protections and services to assist.
read more →

Chrome Gemini Vulnerability Allowed Extension Hijack

🛡 Unit 42 discovered CVE-2026-0628, a high-severity flaw in Chrome's new Gemini Live panel that allowed extensions with only declarativeNetRequest permissions to inject JavaScript into the privileged panel context. That injection could escalate extension privileges to access camera and microphone, read local files, take screenshots and render phishing content inside a trusted browser UI. Google was notified on 2025-10-23 and issued a patch in early January 2026. Palo Alto Networks recommends mitigations such as Prisma Browser and related protections.
read more →

Palo Alto: Rapid Attacks Exploit Basic Security Failings

🚨 Palo Alto Networks' Unit 42 reports that cyberattacks are accelerating: the fastest incidents moved from initial access to data exfiltration in 72 minutes, down from nearly five hours in 2024, and AI is compressing reconnaissance, phishing, scripting and execution timelines. Yet most breaches traced to basic failures such as weak authentication, limited real‑time visibility, and misconfigurations. Identity and trust issues featured in 90% of incidents, and Unit 42 found excessive permissions across 99% of 680,000 cloud identities. In response, Palo Alto launched Unit 42 Managed XSIAM 2.0 to provide end‑to‑end onboarding, threat hunting and faster automated response.
read more →

Unit 42 2026 Global Incident Response Report Findings

⚠️ The Unit 42 2026 Global Incident Response Report analyzes over 750 major incidents across 50+ countries and reveals attackers are moving faster and leveraging trusted identities and integrations. The report documents AI-driven acceleration—some intrusions advanced from initial access to exfiltration in as little as 72 minutes—and shows identity weaknesses in nearly 90% of cases. It recommends reducing exposure, tightening identity controls, and increasing response speed.
read more →

Unit 42 Managed XSIAM 2.0: 24/7 Managed SOC Service

🔒 Unit 42 Managed XSIAM 2.0 delivers a 24/7 managed SOC built on Cortex XSIAM and operated by Unit 42 analysts, threat hunters, responders and SOC engineers. Designed to close the gap with machine-speed attacks, MSIAM 2.0 replaces alert-driven models with continuous detection, proactive hunting and ongoing engineering of detections, correlations and playbooks. The service supports native and third-party EDR telemetry, enables pre-authorized full-cycle remediation across endpoints, firewalls, identity and cloud, and includes a Breach Response Guarantee with up to 250 hours of Unit 42 incident response to streamline crisis containment and recovery.
read more →

State-Linked 'Shadow Campaigns' Target 155 Countries

🕵️‍♂️ Palo Alto Networks' Unit 42 reports a state-sponsored threat actor tracked as TGR-STA-1030/UNC6619 has run global-scale "Shadow Campaigns," compromising at least 70 government and critical infrastructure organizations across 37 countries and conducting reconnaissance tied to 155 countries. The actor has been active since at least January 2024 and is assessed to operate from Asia. Initial access combined tailored phishing lures hosted on Mega.nz with exploitation of known flaws in SAP Solution Manager, Microsoft Exchange, D-Link, and Windows to deploy loaders such as Diaoyu. Victim environments were instrumented with Cobalt Strike, webshells, tunneling tools, and a bespoke Linux eBPF rootkit named ShadowGuard to hide activity and evade detection.
read more →