Unit 42 uncovers high-risk AI browser extensions. Disguised as productivity tools, they steal data, intercept prompts, and exfiltrate passwords. Protect your browser.

The post That AI Extension Helping You Write Emails? It’s Reading Them First appeared first on Unit 42.

The post The Malware Factory: Unmasking the 108-Package North Korean Siege on npm appeared first on Daily CyberSecurity.

Unit 42 reveals how multi-agent AI systems can autonomously attack cloud environments. Learn critical insights and vital lessons for proactive security.

The post Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System appeared first on Unit 42.

Unit 42は、マルチエージェントAIシステムがクラウド環境をどのように自律的に攻撃できるかを明らかにします。プロアクティブなセキュリティのための重要なインサイトと不可欠な教訓を学びます。

The post AIはクラウドを攻撃できるのか?自律型クラウド攻撃型マルチエージェント システムの構築から得られた教訓 appeared first on Unit 42.

Unit 42 research reveals AirSnitch attacks bypass WPA2/3 Wi-Fi encryption and client isolation, exposing critical infrastructure vulnerabilities.

The post When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks appeared first on Unit 42.

CVE-2023-33538 allows for command injection in TP-Link routers. We discuss exploitation attempts with payloads characteristic of Mirai botnet malware.

The post A Deep Dive Into Attempted Exploitation of CVE-2023-33538 appeared first on Unit 42.

Unit 42 reveals "Agent God Mode" in Amazon Bedrock AgentCore. Broad IAM permissions lead to privilege escalation and data exfiltration risks.

The post Cracks in the Bedrock: Agent God Mode appeared first on Unit 42.

Unit 42 uncovers critical vulnerabilities in Amazon Bedrock AgentCore's sandbox, demonstrating DNS tunneling and credential exposure.

The post Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox appeared first on Unit 42.

Handala’s Surge Signals a New Wave of Wartime Cyberattacks

The post Bitdefender Threat Debrief | April 2026 appeared first on Security Boulevard.

Unit 42 uncovers escalating Kubernetes attacks, detailing how threat actors exploit identities and critical vulnerabilities to compromise cloud environments.

The post Understanding Current Threats to Kubernetes Environments appeared first on Unit 42.

Unit 42 research on multi-agent AI systems on Amazon Bedrock reveals new attack surfaces and prompt injection risks. Learn how to secure your AI applications.

The post When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications appeared first on Unit 42.

The post Inside the Rapid Evolution of the BlankGrabber Stealer appeared first on Daily CyberSecurity.

Unit 42 uncovers a "double agent" flaw in Google Cloud's Vertex AI, demonstrating how overprivileged AI agents can compromise cloud environments.

The post Double Agents: Exposing Security Blind Spots in GCP Vertex AI appeared first on Unit 42.

Unit 42 identifies a recruitment phishing campaign targeting senior professionals via impersonation and fraudulent resume fees.

The post Threat Brief: Recruiting Scheme Impersonating Palo Alto Networks Talent Acquisition Team appeared first on Unit 42.

Explore Google’s synced passkey architecture. Unit 42 details its mechanisms, key management, and secure communication in passwordless systems."

The post Google Cloud Authenticator: The Hidden Mechanisms of Passwordless Authentication appeared first on Unit 42.

Unit 42 research explores how AI is currently used in malware, from superficial integrations to advanced decision-making, and its future impact.

The post Analyzing the Current State of AI Use in Malware appeared first on Unit 42.

Unit 42 research unveils LLM guardrail fragility using genetic algorithm-inspired prompt fuzzing. Discover scalable evasion methods and critical GenAI security implications.

The post Open, Closed and Broken: Prompt Fuzzing Finds LLMs Still Fragile Across Open and Closed Models appeared first on Unit 42.

Iranian threat group Boggy Serpens' cyberespionage evolves with AI-enhanced malware and refined social engineering. Unit 42 details their persistent targeting.

The post Boggy Serpens Threat Assessment appeared first on Unit 42.

An espionage operation demonstrated strategic operational patience against targets in Southeast Asia, deploying custom backdoors.

The post Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia appeared first on Unit 42.

Unit 42 research reveals AI judges are vulnerable to stealthy prompt injection. Benign formatting symbols can bypass security controls.

The post Auditing the Gatekeepers: Fuzzing "AI Judges" to Bypass Security Controls appeared first on Unit 42.