Tag: unit 42
31 articles

Unit 42 Research Exposes Risks in Amazon Bedrock's Multi-Agent AI Systems
Unit 42's latest research reveals a hidden threat: multi-agent AI systems on Amazon Bedrock can be vulnerable to new and alarming risks, including prompt injection attacks that practitioners can't afford to ignore. Learn how to safeguard your AI applications from these emerging threats.

Vulnerabilities Exposed in Amazon Bedrock AgentCore Sandbox
Security researchers at Unit 42 have uncovered critical vulnerabilities in Amazon Bedrock AgentCore's sandbox, revealing that a protective layer meant to separate code and services can be breached using DNS tunneling, exposing sensitive credentials in the process. This alarming discovery highlights the potential risks of slipping through the cracks of a supposedly secure system.

Kubernetes Environments Under Siege as Attacks Escalate
Kubernetes environments are under attack like never before, with threat actors exploiting identities and critical vulnerabilities to compromise cloud infrastructure - so what can organizations do to protect themselves? The warning signs are clear: it's time to take action against escalating Kubernetes attacks.

TGR-STA-1030 Exclusive: Severe Breach Hits 70 Sites
Meet TGR-STA-1030: a stealthy Asia-based espionage crew that’s quietly breached at least 70 government and critical‑infrastructure networks across 37 countries, using bespoke tools, credential harvesting and meticulous reconnaissance to keep long‑term, hard-to-detect access to telecom and communications systems.

Nation-State Hackers Deploy Dire Exclusive Airstalk Malware
Think your MDM keeps devices safe? Think again — a suspected nation-state is using the AirWatch API to deploy Airstalk malware, hijacking trusted management channels to stealthily compromise fleets of phones.

Jingle Thief Exclusive: Costly Cloud Hack Steals Millions
Imagine criminals turning your retailer’s cloud into a holiday ATM—Unit 42 warns the Jingle Thief gang uses phishing and smishing to steal credentials and exploit misconfigured cloud systems to issue and redeem millions in gift cards. Stronger identity controls, logging and vendor oversight are urgent fixes before consumers and merchants are left cleaning up the mess.

NET malware Dangerous: Exclusive Phantom Taurus Threat
A Beijing-linked group dubbed Phantom Taurus is quietly using custom .NET malware to hunt credentials and siphon sensitive files from government web servers across Asia, Africa and the Middle East — a sharp reminder that everyday frameworks can hide serious threats. Defenders should harden .NET apps, tighten logging and MFA, and share indicators fast to turn the tables before secrets slip away.