Intelligence Feed
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
Unit 42
15 May 2026
SEV 5/10
By: Pranay Kumar Chhaparwal, Mark Lim. Published: May 15, 2026. Categories: Malware, Threat Research. Tags: API, Cryptocurrency, Gremlin stealer, Obfuscation, Payload, Telegram, VirusTotal.
Executive Summary: This article examines new obfuscation techniques the Gremlin stealer malware uses to conceal malicious payloads within embedded resources. We analyze a variant protected by a sophisticated commercial packing utility that employs instruction virtualization, transforming the original code into a custom, non-standard bytecode executed by a private virtual machine. Gremlin stealer siphons sensitive information from compromised systems and exfiltrates it to attacker-controlled servers for potential publication or sale.
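Payloads hidden in embedded resources are a triage problem before they are a reversing problem. The following is an added example, not Unit 42's tooling and not code from the article: it scans a byte blob for two generic signs of a hidden payload, an embedded PE image at a non-zero offset and high-entropy windows of the kind a packed or virtualized stage produces before it is unpacked. The 1 KiB window, the 7.2 bits/byte threshold and the sample file the block builds (low-entropy filler, a minimal PE stub, a deterministic pseudo-random region) are all constructed for this demo; nothing here models Gremlin's actual packer or resource layout.

```python
import hashlib
import math
import struct
from dataclasses import dataclass

WINDOW = 1024              # assumed: scan granularity for the entropy check
ENTROPY_THRESHOLD = 7.2    # assumed: bits/byte; random data is ~8, plain x86 code ~6


@dataclass
class Finding:
    kind: str      # "embedded_pe" or "high_entropy"
    offset: int    # byte offset in the scanned blob
    detail: str


def shannon_entropy(data):
    """Shannon entropy in bits per byte (0.0 for empty or constant input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def find_embedded_pe(blob):
    """Report MZ headers at non-zero offsets whose e_lfanew lands on 'PE\\0\\0'."""
    findings = []
    start = 0
    while True:
        i = blob.find(b"MZ", start)
        if i < 0 or i + 0x40 > len(blob):
            break
        e_lfanew = struct.unpack_from("<I", blob, i + 0x3C)[0]
        pe_off = i + e_lfanew
        # Bound e_lfanew so random bytes after a stray "MZ" are not trusted;
        # offset 0 is the container's own header, not a hidden payload.
        if 0x40 <= e_lfanew < 0x1000 and blob[pe_off:pe_off + 4] == b"PE\0\0" and i != 0:
            findings.append(Finding("embedded_pe", i, f"PE header at +{e_lfanew:#x}"))
        start = i + 1
    return findings


def find_high_entropy(blob, window=WINDOW, threshold=ENTROPY_THRESHOLD):
    """Report fixed-size windows whose entropy meets the threshold."""
    findings = []
    for off in range(0, len(blob) - window + 1, window):
        h = shannon_entropy(blob[off:off + window])
        if h >= threshold:
            findings.append(Finding("high_entropy", off, f"H={h:.2f} bits/byte"))
    return findings


def scan(blob):
    return find_embedded_pe(blob) + find_high_entropy(blob)


# --- Constructed sample (not a real binary) -------------------------------
def _pseudo_random(n, seed=b"demo-seed"):
    """Deterministic high-entropy bytes via SHA-256 chaining; stands in for packed data."""
    out = bytearray()
    h = seed
    while len(out) < n:
        h = hashlib.sha256(h).digest()
        out += h
    return bytes(out[:n])


def _fake_pe_stub():
    """Minimal DOS header with e_lfanew = 0x40 followed by the PE signature."""
    hdr = bytearray(0x40)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    return bytes(hdr) + b"PE\0\0" + b"\x4c\x01"   # Machine = IMAGE_FILE_MACHINE_I386


SAMPLE = (
    b"A" * 4096             # host file filler (entropy 0)
    + _fake_pe_stub()       # hidden PE at offset 4096
    + b"\x00" * 512
    + _pseudo_random(4096)  # packed-looking region starting at offset 4678
    + b"B" * 1024
)

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"{f.kind:12s} @ {f.offset:#08x}  {f.detail}")
```

On a real sample call `scan(open(path, "rb").read())` and line the offsets up against the section table; high-entropy hits that fall inside `.rsrc` are the ones worth carving. Compressed resources such as PNG icons also trip the entropy check, so treat a hit as a lead for manual inspection, not a verdict.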
Essential Data Sources for Detection Beyond the Endpoint
Unit 42
01 May 2026
SEV 4/10
By: Corey Berman, Matt Gayford. Published: May 1, 2026. Categories: General, Insights. Tags: Cloud Security, IAM, Incident response, Threat detection.
The 2026 Unit 42 Global Incident Response Report delivers a sharp wake-up call: threat actors are now moving 4x faster to exfiltration than in 2025. While the endpoint remains a critical first line of defense, the rapid proliferation of cloud services, microservices and remote users has expanded the attack surface beyond what any single tool can monitor. In 75% of incidents Unit 42 investigated, critical evidence of the initial intrusion was present in the logs.
That AI Extension Helping You Write Emails? It’s Reading Them First
Unit 42
30 Apr 2026
SEV 5/10
By: Shresta Bellary Seetharam, Nabeel Mohamed, Billy Melicher, Oleksii Starov, Qinge Xie, Fang Liu. Published: April 30, 2026. Categories: Malware, Threat Research. Tags: AI browser, Browser extension, GenAI, Infostealer, Malware, Remote Access Trojan, Search hijacker, Spyware.
Executive Summary: We found 18 AI browser extensions marketed as productivity tools that are not as they seem. This group includes extensions such as:
- One that surveils your emails as you compose them
- Another that intercepts ChatGPT prompts
- A third that exfiltrates passwords
Leveraging the rise of generative AI (GenAI), these extensions deliver remote access Trojans (RATs), meddler-in-the-middle (MitM) attacks and infostealers that target prompts, user behavior and browser sessions.
Frontier AI and the Future of Defense: Your Top Questions Answered
Unit 42
23 Apr 2026
SEV 3/10
By: Sam Rubin. Published: April 23, 2026. Categories: General, Insights. Tags: GenAI, LLM, N-day, Open source.
Over the last several weeks, Palo Alto Networks and Unit 42 have been talking with CISOs and security leaders globally to discuss the emergence of frontier AI models and their broader implications on cybersecurity. While the potential for AI-driven innovation is immense, the speed and scale at which these models can be weaponized poses a generational challenge to traditional security programs. We've compiled the 10 most frequent questions we are receiving from customers to help you navigate this transition with practical, intelligence-led guidance.
Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System
Unit 42
23 Apr 2026
SEV 4/10
By: Yahav Festinger, Chen Doytshman. Published: April 23, 2026. Categories: Cloud Cybersecurity Research, Threat Research. Tags: AI, Cloud, Data exfiltration, GCP, Google Cloud, LLMs, Multi-agent, Penetration testing.
Executive Summary: The offensive capabilities of large language models (LLMs) have until recently existed as theoretical risks, frequently discussed at security conferences and in conceptual industry reports but rarely discovered in practical exploits. However, in November 2025, Anthropic published a pivotal report documenting a state-sponsored espionage campaign. In this operation, AI didn't just assist human operators: it became the operator, performing 80-90% of the campaign autonomously, at speeds that no human team could match.
When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks
Unit 42
22 Apr 2026
SEV 4/10
By: Emmanuel Zhou, Adam Robbie, Rick Wyble, Zhutian Liu, Zhiyun Qian, Zhaowei Tan, Srikanth V. Krishnamurthy, Mathy Vanhoef. Published: April 22, 2026. Categories: Malware, Threat Research. Tags: AirSnitch, MitM, Network security, Port stealing, WiFi encryption, Wireless, WPA2, WPA3.
Executive Summary: Enterprises have long trusted Wi-Fi encryption and client isolation to secure their wireless infrastructure. However, research we presented at the NDSS Symposium 2026 shows that these safeguards can be breached by a novel set of attack techniques we call AirSnitch.
Fracturing Software Security With Frontier AI Models
Unit 42
20 Apr 2026
SEV 4/10
By: Andy Piazza. Published: April 20, 2026. Categories: General, Insights. Tags: AI, Attack path, Data exfiltration, Malware, N-day, Open Source Software, Zero-day.
Introduction: Unit 42 recently got hands-on with frontier AI models, and our initial findings indicate a major shift in the speed, scale and capability of AI models to identify software vulnerabilities. We are now seeing the first frontier models to demonstrate the autonomous reasoning required to function not merely as a coding assistant, but as a full-spectrum security researcher. This brings worrisome advancements in:
- Autonomous zero-day discovery
- Collapsing the patching window for N-days
- Advanced chaining of complex exploitation paths
- Real-time adaptation to bypass controls of hardened environments
The impact of frontier AI models on the threat landscape goes way beyond vulnerability discovery and exploitation.
Cracks in the Bedrock: Agent God Mode
Unit 42
08 Apr 2026
SEV 3/10
By: Ori Hadad. Published: April 8, 2026. Categories: Malware, Threat Research. Tags: Agentcore, AI agents, AWS Bedrock, DNS tunneling, Exfiltration, IAM, Identity, Killchain, Privilege escalation, Sandbox.
Executive Summary: Our first article about the boundaries and resilience of Amazon Bedrock AgentCore focused on the Code Interpreter sandbox, and how it can be bypassed using DNS tunneling. In this second part, we delve into the identity and permissions model of AgentCore and the AgentCore starter toolkit. This toolkit is described by AWS as "a Command Line Interface (CLI) toolkit that you can use to deploy AI agents to an Amazon Bedrock AgentCore Runtime." This toolkit abstracts backend provisioning complexity by automating the creation of runtimes, Amazon Elastic Container Registry (ECR) images and execution roles.