unSafe.sh - Not Secure
Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE
Executive Summary: We discovered a vulnerability in the Google Cloud Vertex AI softw...
2026-6-16 10:0:29 | Views: 7
Unit 42 - unit42.paloaltonetworks.com
cloud
victim
attacker
vertex
staging
Inside the Modern SOC: The 72-Minute Race
The Speed Gap: Where Strategy Meets Reality - This marks the beginning of our series,...
2026-6-15 23:0:19 | Views: 12
Unit 42 - unit42.paloaltonetworks.com
attackers
security
workflows
gap
Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discovered
Surfacing a New Artifact: Forensic examiners are constantly hunting for data that re...
2026-6-12 22:0:14 | Views: 17
Unit 42 - unit42.paloaltonetworks.com
artifact
biome
menuitem
segb
trash
Trust No Skill: Integrity Verification for AI Agent Supply Chains
Executive Summary: AI agents now extend their capabilities by installing third-party...
2026-6-11 10:0:24 | Views: 21
Unit 42 - unit42.paloaltonetworks.com
skill
biv
adversarial
llm
chains
Blinding the Watchmen: Abusing Cloud Logging Services for Defense Evasion and Visibility
Executive Summary: Cloud logging services provide comprehensive visibility into acti...
2026-6-9 22:0:21 | Views: 19
Unit 42 - unit42.paloaltonetworks.com
cloud
attacker
cloudtrail
security
trail
When “Hi, This Is IT” Comes Through Microsoft Teams
"Hi, IT Department Here!" It's Friday afternoon. The week has been busy, and everyo...
2026-6-8 23:0:45 | Views: 16
Unit 42 - unit42.paloaltonetworks.com
microsoft
phishing
chats
unmanaged
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
Palo Alto Networks Unit 42 has observed active exploitation of PAN-OS vulnerability...
2026-6-5 14:5:42 | Views: 24
Unit 42 - unit42.paloaltonetworks.com
palo
2026
alto
security
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
Executive Summary: We are tracking an increasingly widespread malvertising campaign...
2026-6-2 10:0:31 | Views: 43
Unit 42 - unit42.paloaltonetworks.com
malicious
attackers
brain
2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
The 2026 FIFA World Cup will be the largest sporting event ever staged. Across 39 d...
2026-5-28 10:0:53 | Views: 45
Unit 42 - unit42.paloaltonetworks.com
tournament
2026
iran
nexus
fifa
Out of the Crypt: The Evolving Cyber Extortion Economy
Extortion Activity No Longer Requires Encryption for Payment: This blog dives into t...
2026-5-27 22:0:46 | Views: 35
Unit 42 - unit42.paloaltonetworks.com
extortion
cri
2026
tgr
frontier
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
Executive Summary: Unit 42 researchers have observed evidence of cyberattacks by the...
2026-5-22 13:0:42 | Views: 27
Unit 42 - unit42.paloaltonetworks.com
payload
2026
miniupdate
malicious
Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
Executive Summary: ROADtools is a publicly available toolkit for offensive and defen...
2026-5-22 10:0:24 | Views: 23
Unit 42 - unit42.paloaltonetworks.com
microsoft
roadtools
roadtx
entra
attackers
Tracking TamperedChef Clusters via Certificate and Code Reuse
Executive Summary: This article documents novel activity clusters that have signific...
2026-5-20 10:0:46 | Views: 31
Unit 42 - unit42.paloaltonetworks.com
ltd
unk
1090
cri
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
Executive Summary: This article examines new obfuscation techniques the Gremlin stea...
2026-5-15 10:0:52 | Views: 367
Unit 42 - unit42.paloaltonetworks.com
gremlin
stealer
analysis
cortex
clipboard
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
Executive Summary: Active Directory Certificate Services (AD CS) is a foundational c...
2026-5-11 22:0:43 | Views: 34
Unit 42 - unit42.paloaltonetworks.com
cortex
bioc
shadow
privileged
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
Executive Summary: On May 6, 2026, Palo Alto Networks released a security advisory f...
2026-5-7 00:0:53 | Views: 91
Unit 42 - unit42.paloaltonetworks.com
2026
alto
palo
0300
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
Executive Summary: On April 29, 2026, researchers publicly disclosed a highly reliab...
2026-5-5 23:0:33 | Views: 35
Unit 42 - unit42.paloaltonetworks.com
2026
cortex
attacker
31431
aead
Essential Data Sources for Detection Beyond the Endpoint
The 2026 Unit 42 Global Incident Response Report delivers a sharp wake-up call: Thr...
2026-5-1 23:0:13 | Views: 31
Unit 42 - unit42.paloaltonetworks.com
cloud
security
attackers
zones
palo
That AI Extension Helping You Write Emails? It’s Reading Them First
Executive Summary: We found 18 AI browser extensions marketed as productivity tools...
2026-4-30 22:0:57 | Views: 40
Unit 42 - unit42.paloaltonetworks.com
chrome
proxy
network
remote
genai
The npm Threat Landscape: Attack Surface and Mitigations
Since September 2025, the npm ecosystem has been in a high-risk phase because of the Shai-Hulud worm attack. The malware spreads by automatically infecting and republishing legitimate packages. Attackers steal npm tokens and GitHub PATs and embed themselves in CI/CD pipelines to achieve long-term access. The article analyzes the worm's mechanism and protection recommendations, and introduces Palo Alto Networks' product protections....
2026-4-24 21:40:33 | Views: 32
Unit 42 - unit42.paloaltonetworks.com
github
checkmarx
c2
cloud
malicious