Google Authenticator: The Hidden Mechanisms of Passwordless Authentication
Explore Google’s synced passkey architecture. Unit 42 details its mechanisms, key management, and secure communication in passwordless systems." The post Google Authenticator: The Hidden Mechanisms of Passwordless Authentication appeared first on Unit 42.
From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day
Written by: Peter Ukhanov, Daniel Sislo, Nick Harbour, John Scarbrough, Fernando Tomlinson, Jr., Rich Reece Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified the zero-day exploitation of a high-risk vulnerability in Dell RecoverPoint for Virtual
Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign
Introduction Last week, Google Threat Intelligence Group (GTIG), Mandiant, and partners took action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents. The threat actor, UNC2814, is a suspec
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitf
Who is the Kimwolf Botmaster “Dort”?
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated
AI Agents 'Swarm,' Security Complexity Follows Suit
As AI deployments scale and start to include packs of agents autonomously working in concert, organizations face a naturally amplified attack surface.
Nation-State Hackers Put Defense Industrial Base Under Siege
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors' networks.
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks
Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targeted networks, and there may be no easy fixes in sight.
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities
Zscaler's acquisition of SquareX comes as competitors like CrowdStrike and Palo Alto Networks also invest in secure browser technologies.
260K+ Chrome Users Duped by Fake AI Browser Extensions
30 copycat apps tricked users, and Google itself, into thinking they're legitimate AI tools.
_Thomas_Bethge_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Operation DoppelBrand: Weaponizing Fortune 500 Brands
The GS7 cyber-threat group targets US financial institutions with near-perfect imitations of corporate portals to steal credentials and gain remote access.
ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT
ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.