This Threat Brief from Unit 42 details critical RCEs (CVE-2025-55182, CVE-2025-66478) in React and Next.js, rated CVSS 10.0. The vulnerabilities stem from insecure deserialization within the RSC Flight protocol and enable unauthenticated, arbitrary code execution with high reliability. This impacts a vast ecosystem. Learn more: https://bit.ly/48SQXKM
Palo Alto Networks Unit 42
Computer and Network Security
SANTA CLARA, CA 93,588 followers
Unit 42 Threat Intelligence & Incident Response. Intelligence Driven. Response Ready.
About us
Palo Alto Networks Unit 42 brings together world-renowned threat researchers with an elite team of incident responders and security consultants to create an intelligence-driven, response-ready organization passionate about helping customers more proactively manage cyber risk. With a deeply rooted reputation for delivering world-class threat intelligence, Unit 42 provides industry-leading incident response and cyber risk management services to security leaders around the globe.
- Website
-
http://paloaltonetworks.com/unit42
External link for Palo Alto Networks Unit 42
- Industry
- Computer and Network Security
- Company size
- 5,001-10,000 employees
- Headquarters
- SANTA CLARA, CA
- Type
- Public Company
- Founded
- 2005
- Specialties
- Incident Response, Risk Management, Operational Threat Intelligence, and Network Security
Locations
-
Primary
Get directions
3000 Tannery Way
SANTA CLARA, CA 95054, US
Employees at Palo Alto Networks Unit 42
Updates
-
Browser-update-themed lures are fueling a surge in #ClickFix activity. We've seen 10K-plus hits on sites that lead to ClickFix pages pushing a variety of malware types through #pastejacking. Details at https://bit.ly/4iyA4s6
-
-
Palo Alto Networks Unit 42 reposted this
Incident response just got faster, just take it from Sam Rubin ⚡ Cloud attacks don’t respect boundaries. They jump across surfaces instantly. Now your response can too. Palo Alto Networks Unit 42 and AWS have launched a No-Cost IR Retainer for qualified customers, available now on AWS Marketplace. Here’s what you get when minutes matter: ✅ 250 hours of IR at no cost ✅ 2-hour SLA ✅ Always-on access to Unit 42 Get the details. https://bit.ly/4pc0Usv
-
Palo Alto Networks Unit 42 reposted this
We came to play, #AWSreInvent 🏓 We started the day with pickleball with pros, then moved over to the Aria for keynote watch parties and fireside conversations in our space to connect, recharge and talk about what’s next. See you tomorrow!
-
Palo Alto Networks Unit 42 reposted this
Breaking news from #AWSreInvent! Your incident response just leveled up ⬆️ Attacks don't respect your network boundaries or cloud environments. They move laterally across attack surfaces. That’s why Palo Alto Networks Unit 42 is expanding our collaboration with Amazon Web Services (AWS) to launch the No-Cost Unit 42 IR Retainer, available instantly on AWS Marketplace for qualified customers. Complex cloud incidents demand holistic, cross-environment investigation and deep skill. Get the essential, rapid defense on AWS when minutes matter most: ✅ 250 no-cost IR hours ✅ 2-hour response SLA ✅ 24/7/365 access to Unit 42 experts Secure your no-cost retainer now. https://bit.ly/4pc0Usv
-
Palo Alto Networks Unit 42 reposted this
When ransomware hits, don’t panic, fight back. Ransomware crippled a multinational healthcare network, encrypting servers and threatening life-saving applications. When time was critical, Palo Alto Networks Unit 42 stepped in to lead recovery, manage restoration, and fortify defenses. The case study breaks down how the team brought systems back online at mission-critical speed. https://bit.ly/48Dmq3C
-
Beware of #scams on #BlackFriday: Known threat actors are increasing email phishing, often linking to fraudulent luxury shopping sites. In addition, new domains are increasingly registered and used for #phishing and other scams. Stay alert! Details at https://bit.ly/3XW6nrm
-
-
As they ramp up for the biggest shopping weeks of the calendar year, organizations should be aware of the “unwavering chaos” presented by cybercrime groups. This Insights blog discusses the latest movements of cybercrime alliance Scattered LAPSUS$ Hunters: New data theft allegations, #ShinySp1d3r ransomware and insider recruitment: https://bit.ly/48svU0y
-
-
The dual-use dilemma, traditionally associated with technologies such as nuclear physics, now extends to artificial intelligence. Our latest research looks at how malicious LLMs are democratizing skill and commercializing cyberattacks. This dual-use AI hastens the need for ethical guardrails and accountability. https://bit.ly/480laYa
-