Fracturing Software Security With Frontier AI Models
Unit 42 finds frontier AI models enhance vulnerability discovery, acting as full-spectrum security researchers. They enable autonomous zero-day discovery and...
Unit 42
6 articles
Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)
Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include recommendations ...
A Deep Dive Into Attempted Exploitation of CVE-2023-33538
CVE-2023-33538 allows for command injection in TP-Link routers. We discuss exploitation attempts with payloads characteristic of Mirai botnet malware.
Cracks in the Bedrock: Agent God Mode
Unit 42 reveals "Agent God Mode" in Amazon Bedrock AgentCore. Broad IAM permissions lead to privilege escalation and data exfiltration risks.
Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox
Unit 42 uncovers critical vulnerabilities in Amazon Bedrock AgentCore's sandbox, demonstrating DNS tunneling and credential exposure. The post Cracks in the ...
Understanding Current Threats to Kubernetes Environments
Unit 42 uncovers escalating Kubernetes attacks, detailing how threat actors exploit identities and critical vulnerabilities to compromise cloud environments....