Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include recommendations for defenders.
The post Threat Brief: March 2026 Escalation of Cyber Risk Related to Iran appeared first on Unit 42.
In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155.
The post The Shadow Campaigns: Uncovering Global Espionage appeared first on Unit 42.
Database platform MongoDB disclosed CVE-2025-14847, called MongoBleed. This is an unauthenticated memory disclosure vulnerability with a CVSS score of 8.7.
The post Threat Brief: MongoDB Vulnerability (CVE-2025-14847) appeared first on Unit 42.
We discuss the CVSS 10.0-rated RCE vulnerability in the Flight protocol used by React Server Components. This is tracked as CVE-2025-55182.
The post Exploitation of Critical Vulnerability in React Server Components (Updated December 12) appeared first on Unit 42.
Hamas-affiliated threat actor Ashen Lepus (aka WIRTE) is conducting espionage with its new AshTag malware suite against Middle Eastern government entities.
The post Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite appeared first on Unit 42.
85% of daily work occurs in the browser. Unit 42 outlines key security controls and strategies to make sure yours is secure.
The post The Browser Defense Playbook: Stopping the Attacks That Start on Your Screen appeared first on Unit 42.
Self-replicating worm βShai-Huludβ has compromised hundreds of software packages in a supply chain attack targeting the npm ecosystem. We discuss scope and more.
The post "Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attack (Updated November 26) appeared first on Unit 42.
The line between research tool and threat creation engine is thin. We examine the capabilities of WormGPT 4 and KawaiiGPT, two malicious LLMs.
The post The Dual-Use Dilemma of AI: Malicious LLMs appeared first on Unit 42.
Login