❌

Reading view

  •  

Anatomy of an Attack: The Payroll Pirates and the Power of Social Engineering

Unit 42 breaks down a payroll attack fueled by social engineering. Learn how the breach happened and how to protect your organization from similar threats.

The post Anatomy of an Attack: The Payroll Pirates and the Power of Social Engineering appeared first on Unit 42.

  •  

VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion

VVS stealer (or VVS $tealer) is a Python-based infostealer targeting Discord users. It employs Pyarmor for obfuscation, contributing to its efficacy.

The post VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion appeared first on Unit 42.

  •  

Exploitation of Critical Vulnerability in React Server Components (Updated December 12)

We discuss the CVSS 10.0-rated RCE vulnerability in the Flight protocol used by React Server Components. This is tracked as CVE-2025-55182.

The post Exploitation of Critical Vulnerability in React Server Components (Updated December 12) appeared first on Unit 42.

  •  

Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite

Hamas-affiliated threat actor Ashen Lepus (aka WIRTE) is conducting espionage with its new AshTag malware suite against Middle Eastern government entities.

The post Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite appeared first on Unit 42.

  •  

The Golden Scale: 'Tis the Season for Unwanted Gifts

Unit 42 shares further updates of cybercrime group Scattered LAPSUS$ Hunters. Secure your organization this holiday season.

The post The Golden Scale: 'Tis the Season for Unwanted Gifts appeared first on Unit 42.

  •  

"Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack (Updated November 26)

Self-replicating worm β€œShai-Hulud” has compromised hundreds of software packages in a supply chain attack targeting the npm ecosystem. We discuss scope and more.

The post "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack (Updated November 26) appeared first on Unit 42.

  •  

Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to 42 Days of Compromise

Unit 42 outlines a Howling Scorpius attack delivering Akira ransomware that originated from a fake CAPTCHA and led to a 42-day compromise.

The post Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to 42 Days of Compromise appeared first on Unit 42.

  •  
  •  
❌