Unit 42 @Unit42_Intel
The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
unit42.paloaltonetworks.com | Joined December 2015
Tweets: 3K | Followers: 63K | Following: 82 | Likes: 254
Unit 42 explains how attackers could reregister deleted namespaces on Hugging Face Model Hub to upload malicious models for remote code execution. Understand how this works with four detailed case studies: bit.ly/3VpCChr
A security incident involving the Salesloft Drift integration with Salesforce is the subject of Unit 42's latest Threat Brief. We include our own observations as well as recommendations: bit.ly/4n3l3Q3
We discovered a #fraud campaign using #phishing emails to distribute links to fraudulent shopping sites for luxury goods. The sites use similar page templates and direct payments through PayPal, using different company names on the invoices. Details at bit.ly/4n4ZazW
We're tracking a wave of #vishing attacks targeting IT help desks. Attackers impersonate employees, request multi-factor authentication (#MFA) and reset passwords to access payroll portals, modifying bank account details to redirect salaries. More info at bit.ly/3UUcMC7
A campaign starting in March 2025 exploits CVE-2024-36401, misusing software development kits (SDKs) to earn passive income. We recount the campaign’s shifts over time: bit.ly/3HAx9RS
Misuse of AI services in phishing attacks is leading to campaigns with more convincing lures. Website generators, writing assistants and chatbots are among the top tools being exploited. We explain the impacts of this shift: bit.ly/4oJ9KhH
As a #BrowserExtensionSecurity issue, we should realize unwanted content often hides in plain sight! A #BrowserExtension for a Pokémon cursor seems cute until we realize it’s part of an #adware or #PUP delivery campaign. Details at bit.ly/4mGtMHG
Be mindful of #BrowserExtensionSecurity! A new Chrome #BrowserExtension campaign utilizes an extension's onInstalled event to open post-install "thank you" pages with hidden iframes for suspicious domains, exposing users to #adware and #PUP. Details at bit.ly/4lDRgwr
Calling junior cybersecurity researchers! This tutorial was written with you in mind, especially for those who want to learn to analyze .NET samples. Walk through a complete infection chain of malware and learn to use tools like dnSpy, IDA Pro and x64dbg. bit.ly/3JgXhS6
2025-08-15 (Friday): #LummaStealer infection leads to #SectopRAT (#ArechClient2). Details at bit.ly/45ATcjf
Understand the evolving infection chain of DarkCloud Stealer, starting with phishing emails and culminating in a VB6 payload protected by ConfuserEx. We examine three distinct payloads: bit.ly/4lG5zkd
CVE-2025-32433 is a critical (CVSS 10.0) unauthenticated RCE vulnerability in Erlang/OTP sshd. We discuss its impacts across critical infrastructure and especially operational technology (OT) networks: bit.ly/4maHNgY
A new #smishing campaign targeting the new school season leverages student financial aid-themed lures to redirect victims to compromised domains hosting phishing content collecting credentials, banking, and other sensitive information. More info at bit.ly/4ovXWiR
Unit 42's new Attribution Framework provides a systematic approach to analyzing threat data, moving from activity clusters to named actors with defined confidence levels. See the process at work: bit.ly/4mlPFMt
#AI-powered summary-related Chrome extensions are on the rise, posing serious #DataSecurity risks. We found multiple #BrowserExtensions sending sensitive user data (e.g., email, chat logs) to low-reputation domains. Examples at bit.ly/4maWFvN
We assess with high confidence links between Storm-2603 and activity we track as CL-CRI-1040. Our investigation delves into use of Project AK47: a toolkit that includes ransomware and backdoors. bit.ly/4m1dxVI
From MSAs to dMSAs: Unit 42 traces the evolution of Managed Service Accounts and explains the BadSuccessor attack vector in Windows Server 2025. This article includes discussion of the PoC SharpSuccessor. bit.ly/40S4j5V
Understand the range of threat actors tracked by Unit 42. This includes groups across China, North Korea, Pakistan and Russia. We also cover major cybercrime and ransomware groups, and feature unique findings based on telemetry and incident response cases: bit.ly/4fPBxZB
🎯 Social engineering is evolving. Are you ready? The 2025 Unit 42 Global IR Report reveals how attackers target people, not just tech. Heading to #BHUSA? Visit Booth 3240 to learn more. 📖 Read the report: bit.ly/3J2LdUr
Cloud logging is not just a checkbox. It's foundational for security, compliance and business insights. Understand the nuances of regulatory and data requirements across AWS, Azure and GCP: bit.ly/3TSi0Oc
