We detail our discovery of CVE-2025-0921. This privileged file system flaw in SCADA system Iconics Suite could lead to a denial-of-service (DoS) attack.

The post Privileged File System Vulnerability Present in a SCADA System appeared first on Unit 42.

Russia's current isolation from the Olympics may lead to increased cyberthreats targeting the 2026 Winter Games. We discuss the potential threat picture.

The post Understanding the Russian Cyberthreat to the 2026 Winter Olympics appeared first on Unit 42.

Unit 42 celebrates 9 years of the Cyber Threat Alliance, tracing its journey from a bold idea to a global leader in collaborative cyber defense.

The post Happy 9th Anniversary, CTA: A Celebration of Collaboration in Cyber Defense appeared first on Unit 42.

We discuss a novel AI-augmented attack method where malicious webpages use LLM services to generate dynamic code in real-time within a browser.

The post The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time appeared first on Unit 42.

We've identified an aspect of Azure’s Private Endpoint architecture that could expose Azure resources to denial of service (DoS) attacks.

The post DNS OverDoS: Are Private Endpoints Too Private? appeared first on Unit 42.

Unit 42 breaks down a payroll attack fueled by social engineering. Learn how the breach happened and how to protect your organization from similar threats.

The post Anatomy of an Attack: The Payroll Pirates and the Power of Social Engineering appeared first on Unit 42.

Database platform MongoDB disclosed CVE-2025-14847, called MongoBleed. This is an unauthenticated memory disclosure vulnerability with a CVSS score of 8.7.

The post Threat Brief: MongoDB Vulnerability (CVE-2025-14847) appeared first on Unit 42.

We identified remote code execution vulnerabilities in open-source AI/ML libraries published by Apple, Salesforce and NVIDIA.

The post Remote Code Execution With Modern AI/ML Formats and Libraries appeared first on Unit 42.

AI-generated code looks flawless until it isn't. Unit 42 breaks down how to expose these invisible flaws before they turn into your next breach.

The post Securing Vibe Coding Tools: Scaling Productivity Without Scaling Risk appeared first on Unit 42.

VVS stealer (or VVS $tealer) is a Python-based infostealer targeting Discord users. It employs Pyarmor for obfuscation, contributing to its efficacy.

The post VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion appeared first on Unit 42.

Cybersecurity thrives on diverse skills, not just coding and engineering. From writers to designers, there’s a place for you in this field.

The post Who Does Cybersecurity Need? You! appeared first on Unit 42.

Operators behind RansomHouse, a ransomware-as-a-service (RaaS) group, have upgraded their encryption methods from single-phase to complex and layered.

The post From Linear to Complex: An Upgrade in RansomHouse Encryption appeared first on Unit 42.

Cyber hygiene is just as vital as personal hygiene. Unit 42 shares tips for people of all experience levels to keep their digital lives secure.

The post Stay Secure: Why Cyber Hygiene Should Be Part of Your Personal Hygiene appeared first on Unit 42.

We discuss the CVSS 10.0-rated RCE vulnerability in the Flight protocol used by React Server Components. This is tracked as CVE-2025-55182.

The post Exploitation of Critical Vulnerability in React Server Components (Updated December 12) appeared first on Unit 42.

Hamas-affiliated threat actor Ashen Lepus (aka WIRTE) is conducting espionage with its new AshTag malware suite against Middle Eastern government entities.

The post Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite appeared first on Unit 42.

01flip is a new ransomware family fully written in Rust. Activity linked to 01flip points to alleged dark web data leaks.

The post 01flip: Multi-Platform Ransomware Written in Rust appeared first on Unit 42.

Model Context Protocol connects LLM apps to external data sources or tools. We examine its security implications through various attack vectors.

The post New Prompt Injection Attack Vectors Through MCP Sampling appeared first on Unit 42.

85% of daily work occurs in the browser. Unit 42 outlines key security controls and strategies to make sure yours is secure.

The post The Browser Defense Playbook: Stopping the Attacks That Start on Your Screen appeared first on Unit 42.

Unit 42 shares further updates of cybercrime group Scattered LAPSUS$ Hunters. Secure your organization this holiday season.

The post The Golden Scale: 'Tis the Season for Unwanted Gifts appeared first on Unit 42.

Self-replicating worm “Shai-Hulud” has compromised hundreds of software packages in a supply chain attack targeting the npm ecosystem. We discuss scope and more.

The post "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack (Updated November 26) appeared first on Unit 42.