ZCyberNews

#unit-42

6 articles

This archive collects 12 articles tagged unit-42 published between April 22, 2026 and May 15, 2026, giving security teams a focused view of how this topic has appeared across ZCyberNews coverage. Observed actor references include Gremlin Stealer, LockBit, and TeamPCP, presented only where the underlying article metadata supports the attribution. The affected-scope signals emphasize technology, enterprise, and software development across Global, Central America, and North America, helping readers compare exposure patterns without adding claims beyond the archive data. Severity coverage includes 1 critical and 9 high reports.

Gremlin Stealer Evolves: Crypto Clipping, Session Hijacking, Packed
HIGH | Malware

Unit 42 details a new Gremlin stealer variant using XOR-encrypted resource sections, crypto clipper, WebSocket session hijacking, and a commercial packer with instruction...

5 min read | Gremlin Stealer

West Pharma Hit by Ransomware, Systems Disrupted Globally
HIGH | Industry News

West Pharmaceutical Services took systems offline globally after a May 4 ransomware attack with data exfiltration. Unit 42 is investigating; ransom may have been paid.

2 min read | LockBit

AI Browser Extensions Steal Emails, Passwords via Prompt Injection
HIGH | Threat Intel

Unit 42 finds 30+ malicious AI browser extensions exfiltrating email content, credentials, and API keys via prompt injection and DOM scraping. Affects Chrome, Edge users.

3 min read

TeamPCP Partners with Vect Ransomware in Supply Chain Attacks
CRITICAL | Threat Intel

Unit 42 reports TeamPCP has partnered with Vect ransomware group to target security software vendors in multi-stage supply chain attacks, compromising trusted update mechanisms.

2 min read | TeamPCP

Unit 42 Tracks TGR-STA-1030 Activity in Central and South America
HIGH | Threat Intel

Palo Alto Unit 42 reports TGR-STA-1030 remains active in Central and South America, targeting government and energy sectors with custom malware and living-off-the-land techniques.

2 min read | TGR-STA-1030

AirSnitch Attacks Bypass WPA2/3 Encryption, Expose Enterprise Wi-Fi
HIGH | Threat Intel

Unit 42 reveals AirSnitch attacks bypass WPA2/3 encryption and client isolation, exposing enterprise Wi-Fi to packet injection and credential theft.

3 min read
