Palo Alto Networks Unit 42 Archives

Unauthorized Users Reportedly Gain Access to Anthropic’s Mythos AI Model

Jeffrey Burt | April 22, 2026 | AI cybersecurity risks, AI frontier models, Aisle AI, Anthropic Mythos, DeepSeek R1, IBM Consulting, OpenAI GPT-5.4-Cyber, Palo Alto Networks, Palo Alto Networks Unit 42, Project Glasswing, Sonatype, VIdoc Security, vulnerability detection, Vulnerability Exploits

A group of unauthorized users reportedly has gained access to Anthropic’s controversial Claude Mythos Preview AI frontier model despite the AI vendor’s efforts to keep it out of public hands by limiting ...

Security Boulevard

BEC, fraud, MFA, Armorblox BEC data breach attorney-client IKEA Email Security Breaches Rises

Iran-Linked Threat Group Hacks FBI Director Kash Patel’s Personal Email

Jeffrey Burt | March 27, 2026 | data leak websites, ddos, Department of Justice (DOJ), FBI, FBI email hack, Flashpoint Research, Handala Hack, Iran hacker, Iran-Israel Conflict, Kash Patel, Palo Alto Networks Unit 42, United States

Iran-linked threat group Handala hacked into the personal email account of FBI Director Kash Patel, posting photos of him and links to documents found in the account. The DOJ confirmed the attack, ...

Security Boulevard

Cyberattacks Spike 245% in the Two Weeks After the Start of War With Iran

Jeffrey Burt | March 18, 2026 | Akamai, china espionage, data wiper, ddos, Fatimion Cyber Team, Flashpoint, geopolitical tensions, Handala, Iran Hacker Groups, Iran-Israel Conflict, Palo Alto Networks Unit 42, Russia, Stryker, United States

Akamai researchers saw a 245% spike in cyberattacks in the first two weeks after the start of the U.S. and Israeli war against Iran as Iranian nation-state groups and independent hacktivists launch ...

Security Boulevard

Threat Group Running Espionage Operations Against Dozens of Governments

Jeffrey Burt | February 5, 2026 | Cobalt Strike, cyberespionage, government attack, Palo Alto Networks Unit 42, phishing attack, spying, Vulnerability Exploitation

Unit 42 researchers say an Asian threat group behind what they call the Shadow Campaigns has targeted government agencies in 37 countries in a wide-ranging global cyberespionage campaign that has involved phishing ...

Security Boulevard

Chinese cybercrime illegal online gambling

Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw

Jeffrey Burt | December 16, 2025 | Backdoor Exploit, china espionage, downloader, Google Threat Intelligence, Iran Hacker Groups, Malware, North Korean Threat Actors, Palo Alto Networks Unit 42, RCE (Remote Code Execution), React2Shell Vulnerability, software flaw, Sysdig

Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers ...

Security Boulevard

vulnerabilities, root cause, Microsoft Storm-1152 fake accounts CaaS

Attackers Worldwide are Zeroing In on React2Shell Vulnerability

Jeffrey Burt | December 11, 2025 | Backdoor malware, bitsight, China-linked Hackers, Huntress cybersecurity findings, malicious cryptomining, Mirai botnet, Next.js vulnerability, North Korean Hacking, Palo Alto Networks Unit 42, React security flaw, React2Shell Vulnerability

Bad actors that include nation-state groups to financially-motivated cybercriminals from across the globe are targeting the maximum-severity but easily exploitable React2Shell flaw, with threat researchers see everything from probes and backdoors to ...

Security Boulevard

cyberwar, cyber, SLA, cyberattack, retailers, Ai, applications, sysdig, attack, cisco, AI, AI-powered, attacks, attackers, security, BreachRx, Cisco, Nexus, security, challenges, attacks, cybersecurity, risks, industry, Cisco Talos hackers legitimate tools used in cyberattacks

Exploitation Efforts Against Critical React2Shell Flaw Accelerate

Jeffrey Burt | December 9, 2025 | China-nexus cyber attacks, Cloud Threats, Cloudflare outage React patch, FBI, Next.js vulnerability, Palo Alto Networks Unit 42, React vulnerability, React2Shell, Wiz

The exploitation efforts by China-nexus groups and other bad actors against the critical and easily abused React2Shell flaw in the popular React and Next.js software accelerated over the weekend, with threats ranging ...

Security Boulevard

BunnyLoader Malware: Modular Features Help Evade Detection

Wajahat Raja | April 4, 2024 | BunnyLoader malware, credential harvesting, cryptocurrency theft, Cybercrime Trends, Cybersecurity News, cybersecurity threats, data theft, Infection chains, Malware Analysis, Malware Detection, Malware evasion tactics, Malware Evolution, Modular malware, Palo Alto Networks Unit 42

In the ever-evolving landscape of cybersecurity threats, a new variant of malware has emerged, posing significant challenges for detection and mitigation efforts. Known as BunnyLoader malware, it has recently undergone a transformation, ...

TuxCare

Palo Alto Networks Unit 42

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On