❌

Reading view

Trust No Skill: Integrity Verification for AI Agent Supply Chains

Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains.

The post Trust No Skill: Integrity Verification for AI Agent Supply Chains appeared first on Unit 42.

  •  

Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor

Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework.

The post Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor appeared first on Unit 42.

  •  

Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns

Unit 42 details Screening Serpens' use of AppDomainManager hijacking and new RAT variants to target tech and defense sectors in recent campaigns.

The post Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns appeared first on Unit 42.

  •  

Tracking TamperedChef Clusters via Certificate and Code Reuse

Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets.

The post Tracking TamperedChef Clusters via Certificate and Code Reuse appeared first on Unit 42.

  •  

Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files

Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking to compromise data.

The post Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files appeared first on Unit 42.

  •  

Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools

Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders.

The post Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools appeared first on Unit 42.

  •  

That AI Extension Helping You Write Emails? It’s Reading Them First

Unit 42 uncovers high-risk AI browser extensions. Disguised as productivity tools, they steal data, intercept prompts, and exfiltrate passwords. Protect your browser.

The post That AI Extension Helping You Write Emails? It’s Reading Them First appeared first on Unit 42.

  •  

The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)

Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more.

The post The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2) appeared first on Unit 42.

  •  

When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks

Unit 42 research reveals AirSnitch attacks bypass WPA2/3 Wi-Fi encryption and client isolation, exposing critical infrastructure vulnerabilities.

The post When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks appeared first on Unit 42.

  •  

Fracturing Software Security With Frontier AI Models

Unit 42 finds frontier AI models enhance vulnerability discovery, acting as full-spectrum security researchers. They enable autonomous zero-day discovery and faster N-day patching.

The post Fracturing Software Security With Frontier AI Models appeared first on Unit 42.

  •  

Understanding Current Threats to Kubernetes Environments

Unit 42 uncovers escalating Kubernetes attacks, detailing how threat actors exploit identities and critical vulnerabilities to compromise cloud environments.

The post Understanding Current Threats to Kubernetes Environments appeared first on Unit 42.

  •  

When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications

Unit 42 research on multi-agent AI systems on Amazon Bedrock reveals new attack surfaces and prompt injection risks. Learn how to secure your AI applications.

The post When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications appeared first on Unit 42.

  •  
  •  

Double Agents: Exposing Security Blind Spots in GCP Vertex AI

Unit 42 uncovers a "double agent" flaw in Google Cloud's Vertex AI, demonstrating how overprivileged AI agents can compromise cloud environments.

The post Double Agents: Exposing Security Blind Spots in GCP Vertex AI appeared first on Unit 42.

  •  

Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government

Unit 42 uncovers multiple clusters of cyberespionage targeting a Southeast Asian government organization with USBFect, RATs and loaders.

The post Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government appeared first on Unit 42.

  •  

Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team

Unit 42 identifies a recruitment phishing campaign targeting senior professionals via impersonation and fraudulent resume fees.

The post Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team appeared first on Unit 42.

  •  
❌