Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257.
The post Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 appeared first on Unit 42.

We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257.
The post Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 appeared first on Unit 42.

Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework.
The post Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor appeared first on Unit 42.

The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructure. Learn more here.
The post 2026 World Cup: Discussing The Worldβs Biggest Gameβs Attack Surface appeared first on Unit 42.

Unit 42 explores trends in data theft and extortion, outlining key strategies for organizations as frontier AI models advance.
The post Out of the Crypt: The Evolving Cyber Extortion Economy appeared first on Unit 42.

Unit 42 details Screening Serpens' use of AppDomainManager hijacking and new RAT variants to target tech and defense sectors in recent campaigns.
The post Tracking Iranian APT Screening Serpensβ 2026 Espionage Campaigns appeared first on Unit 42.

Open-source framework ROADtools is being misused by threat actors for cloud intrusions. Learn how to identify its malicious use.
The post Paved With Intent: ROADtools and Nation-State Tactics in the Cloud appeared first on Unit 42.
