Unit 42 – Experimental News Clipping Site

Unit 42: Responding to Cloud Incidents A Step-by-Step Guide from the 2025 Unit 42 Global Incident Response Report

Oct 7, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/responding-to-cloud-incidents/ Source: Unit 42 Title: Responding to Cloud Incidents A Step-by-Step Guide from the 2025 Unit 42 Global Incident Response Report Feedly Summary: Cloud breaches are rising. This step-by-step guide from Unit 42 shows how to investigate, contain and recover from cloud-based attacks. The post Responding to Cloud Incidents A Step-by-Step Guide from…

Unit 42: TOTOLINK X6000R: Three New Vulnerabilities Uncovered

Oct 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/totolink-x6000r-vulnerabilities/ Source: Unit 42 Title: TOTOLINK X6000R: Three New Vulnerabilities Uncovered Feedly Summary: Researchers identified vulnerabilities in TOTOLINK X6000R routers: CVE-2025-52905, CVE-2025-52906 and CVE-2025-52907. We discuss root cause and impact. The post TOTOLINK X6000R: Three New Vulnerabilities Uncovered appeared first on Unit 42. AI Summary and Description: Yes Summary: The text highlights newly…

The Register: Beijing-backed burglars master .NET to target government web servers

Oct 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/01/phantom_taurus_apt/ Source: The Register Title: Beijing-backed burglars master .NET to target government web servers Feedly Summary: ‘Phantom Taurus’ created custom malware to hunt secrets across Asia, Africa, and the Middle East Threat-hunters at Palo Alto Networks’ Unit 42 have decided a gang they spotted two years ago is backed by China, after seeing…

Unit 42: Threat Insights: Active Exploitation of Cisco ASA Zero Days

Sep 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/zero-day-vulnerabilities-affect-cisco-software/ Source: Unit 42 Title: Threat Insights: Active Exploitation of Cisco ASA Zero Days Feedly Summary: CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. The post Threat Insights: Active Exploitation of Cisco ASA Zero Days appeared first on Unit 42.…

Unit 42: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework

Sep 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/bookworm-to-stately-taurus/ Source: Unit 42 Title: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework Feedly Summary: We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft. The post Bookworm to Stately Taurus Using the Unit 42 Attribution Framework appeared first on Unit…

Unit 42: "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack

Sep 17, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/npm-supply-chain-attack/ Source: Unit 42 Title: "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack Feedly Summary: Self-replicating worm “Shai-Hulud” has compromised 180-plus software packages in a supply chain attack targeting the npm ecosystem. We discuss scope and more. The post “Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack appeared first on Unit…

Unit 42: The Risks of Code Assistant LLMs: Harmful Content, Misuse and Deception

Sep 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/code-assistant-llms/ Source: Unit 42 Title: The Risks of Code Assistant LLMs: Harmful Content, Misuse and Deception Feedly Summary: We examine security weaknesses in LLM code assistants. Issues like indirect prompt injection and model misuse are prevalent across platforms. The post The Risks of Code Assistant LLMs: Harmful Content, Misuse and Deception appeared first…

Unit 42: Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain

Sep 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/third-party-supply-chain-token-management/ Source: Unit 42 Title: Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain Feedly Summary: Effective OAuth token management is crucial for supply chain security, preventing breaches caused by dormant integrations, insecure storage or lack of rotation. The post Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain…

Unit 42: Data Is the New Diamond: Latest Moves by Hackers and Defenders

Sep 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/data-is-the-new-diamond-latest-moves-by-hackers-and-defenders/ Source: Unit 42 Title: Data Is the New Diamond: Latest Moves by Hackers and Defenders Feedly Summary: Unit 42 delves into how cybercriminals are treating stolen data like digital diamonds amid rising attacks and evolving extortion tactics. The post Data Is the New Diamond: Latest Moves by Hackers and Defenders appeared first…

Unit 42: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust

Sep 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/model-namespace-reuse/ Source: Unit 42 Title: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust Feedly Summary: Model namespace reuse is a potential security risk in the AI supply chain. Attackers can misuse platforms like Hugging Face for remote code execution. The post Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model…

Tag: Unit 42