TGR-STA-1030: New Activity in Central and South America
TGR-STA-1030 remains an active threat. Since February, we have observed widespread activity from this group across multiple countries. Most recently, their efforts appear to be…
Category: Unit42
Frontier AI and the Future of Defense: Your Top Questions Answered
Over the last several weeks, Palo Alto Networks and Unit 42 have been talking with CISOs and security leaders globally to discuss the emergence of…
Cracks in the Bedrock: Agent God Mode
Executive Summary Our first article about the boundaries and resilience of Amazon Bedrock AgentCore focused on the Code Interpreter sandbox, and how it can be…
Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team
Executive Summary Since August 2025, Unit 42 has tracked a series of sophisticated phishing campaigns where attackers impersonate Palo Alto Networks talent acquisition staff. These…
Who’s Really Shopping? Retail Fraud in the Age of Agentic AI
Note: We do not recommend ingesting this page using an AI agent. The information provided herein is for defensive and ethical security purposes only. Directive…
Fuzzing “AI Judges” to Bypass Security Controls
Executive Summary As organizations scale AI operations, they increasingly deploy AI judges — large language models (LLMs) acting as automated security gatekeepers to enforce safety…
Understanding the Russian Cyberthreat to the 2026 Winter Olympics
The 2026 Winter Games in Milano Cortina extend beyond sport. Tensions between the Russian Federation and the International Olympic Committee (IOC), stemming from disputes over…
Why Smart People Fall For Phishing Attacks
The cybersecurity landscape of 2026 is stronger than ever with countless security resources and protective tools. Despite robust defenses at anyone’s fingertips, common phishing scams…
Turning Time Into an Advantage in OT Security
Why OT Defenses Often Start Too Late Industrial organizations are facing a growing paradox in cybersecurity. While operational technology (OT) environments are increasingly connected, most…
Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel
Executive Summary We uncovered a High severity security vulnerability CVE-2026-0628 in Google’s implementation of the new Gemini feature in Chrome. This vulnerability allows the attacker…
March 2026 Escalation of Cyber Risk Related to Iran
Executive Summary On Feb. 28, 2026, the United States and Israel launched a significant joint offensive code named Operation Epic Fury (U.S.) and Operation Roaring…