Tag

#Unit 42

8 stories taggedUnit 42.

Photoreal news-editorial style, 16:9 framing, full-frame edge-to-edge composition
Threat Intelligence

Fake Pirated Software Ads Are Draining Passwords and Hijacking Computers to Mine Crypto

A campaign uncovered by Palo Alto Networks researchers is tricking people into downloading malware disguised as cracked software, stealing saved passwords while quietly running up victims' electricity bills.

3 min
A photoreal editorial scene of a modern open-plan office desk at dusk, a laptop showing a generic video-call interface with a blurred external caller notificati
Threat Intelligence

Fake IT Helpdesk Calls on Microsoft Teams Are Planting EtherRAT on Company PCs

Attackers pose as internal support staff over Teams voice calls, then walk employees through installing remote-access tools that drop a Node.js trojan.

4 min
Macro photograph of a glowing network of interconnected nodes on a dark surface, with several nodes pulsing amber-red to suggest hidden danger within an otherwi
AI Security

AI Assistants Are Inventing Fake Web Addresses — and Criminals Are Buying Them Up

Researchers at Palo Alto Networks found that AI tools routinely make up plausible-sounding website addresses that don't exist. Criminals are registering those addresses before anyone notices — and one already built a full fraud operation using the same AI trick.

4 min
Threat Intelligence

Phantom Squatting: When Attackers Camp on the Domains LLMs Hallucinate

Unit 42 documents a pre-positioning tactic where actors register non-existent domains that chatbots keep suggesting, then wait for the traffic to arrive.

2 min
Threat Intelligence

TinyRCT Backdoor Surfaces in CL-STA-1062 Intrusions Across Southeast Asia

Palo Alto Networks ties the previously undocumented implant to a Chinese-speaking cluster targeting state-owned energy and government entities.

2 min
AI Security

Bucket Squatting in Vertex AI SDK Opened Cross-Tenant RCE Window

A staging-bucket naming flaw in two versions of Google's Vertex AI Python SDK let attackers pre-register a victim's expected bucket and swap in a malicious pickle model before the platform could retrieve the original.

2 min
Cloud Security

'Pickle in the Middle': Vertex AI SDK Bug Let Outsiders Hijack Model Uploads

Unit 42 researchers describe a bucket-squatting flaw in Google's Python SDK that handed code execution inside Vertex AI's serving stack to attackers with no project access.

3 min
Threat Intelligence

FlutterShell: A macOS Backdoor Wrapped in Flutter, Dropped by Ad Clicks

Unit 42 traces a malvertising operation to the same crew behind JSCoreRunner, this time hiding a backdoor inside Flutter-built Mac apps.

3 min
© 2026 Threat Vectr