How We Added WebAuthn to a Browser-Based RDP Client
The Pitch TL;DR: We built the first RDP client outside of Windows to support WebAuthn redirection, beating Microsoft’s own macOS, iOS and Linux clients to…
Unit 42 is aware of a large-scale password spraying and credential theft campaign (“FortiBleed”) against Fortinet devices. We observed attempts targeting MSSQL devices as well,…
Executive Summary AI agents now extend their capabilities by installing third-party skills the way smartphones install apps. Anyone can publish a skill to a public…
“Hi, IT Department Here!” It’s Friday afternoon. The week has been busy, and everyone is wrapping up before the weekend. One of your workers receives…
Palo Alto Networks Unit 42 has observed active exploitation of PAN-OS vulnerability CVE-2026-0257 by an unidentified threat actor attempting to access GlobalProtect. This security flaw…
Extortion Activity No Longer Requires Encryption for Payment This blog dives into the growing trend of data theft and extortion activities which no longer require…
Executive Summary This article examines new obfuscation techniques the Gremlin stealer malware uses to conceal malicious payloads within embedded resources. We analyze a variant protected…
Executive Summary On May 6, 2026, Palo Alto Networks released a security advisory for CVE-2026-0300, identifying a buffer overflow vulnerability in the User-ID Authentication Portal…
The 2026 Unit 42 Global Incident Response Report delivers a sharp wake-up call: Threat actors are now moving 4x faster to exfiltration than in 2025.…
TGR-STA-1030 remains an active threat. Since February, we have observed widespread activity from this group across multiple countries. Most recently, their efforts appear to be…
Over the last several weeks, Palo Alto Networks and Unit 42 have been talking with CISOs and security leaders globally to discuss the emergence of…
Executive Summary Our first article about the boundaries and resilience of Amazon Bedrock AgentCore focused on the Code Interpreter sandbox, and how it can be…