appsec.fyi · Sources

unit42.paloaltonetworks.com

13 curated AppSec resources from unit42.paloaltonetworks.com across 9 topics on appsec.fyi.

unit42.paloaltonetworks.com

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-19.

AI 3 Secrets 2 Supply Chain 2 API Sec 1 AuthZ 1 Mobile 1 Python 1 RCE 1 SSRF 1
Date Added Resource Excerpt
2026-04-19 2026LANDFALL: New Commercial-Grade Android Spyware (CVE-2025-21042)MobileLANDFALL: New Commercial-Grade Android Spyware (CVE-2025-21042)
2026-04-19 2026Microsoft WSUS RCE (CVE-2025-59287) Actively ExploitedRCEMicrosoft WSUS RCE (CVE-2025-59287) Actively Exploited
2026-04-11 2026GitHub Actions Supply Chain Attack: Coinbase to tj-actionsSupply ChainGitHub Actions Supply Chain Attack: Coinbase to tj-actions
2026-04-11 2026Shai-Hulud Worm Compromises npm EcosystemSupply ChainShai-Hulud Worm Compromises npm Ecosystem
2026-04-11 2026Leaked Env Variables Allow Large-Scale Cloud ExtortionSecretsLeaked Env Variables Allow Large-Scale Cloud Extortion
2026-04-11 2026CloudKeys in the Air: Exposed IAM Keys CryptojackingSecretsCloudKeys in the Air: Exposed IAM Keys Cryptojacking
2026-04-11 2026Exposing a New BOLA Vulnerability in GrafanaAPI SecExposing a New BOLA Vulnerability in Grafana
2026-04-11 2026Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the WildAIFooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild
2026-04-11 2026New Prompt Injection Attack Vectors Through MCP SamplingAINew Prompt Injection Attack Vectors Through MCP Sampling
2026-04-10 2026SSRF Exposes Data of Technology, Industrial and Media OrganizationsSSRFSSRF Exposes Data of Technology, Industrial and Media Organizations
2026-04-10 2026RCE With Modern AI/ML Formats and Python LibrariesPythonRCE With Modern AI/ML Formats and Python Libraries
2026-04-06 2026Exposing Security Blind Spots in GCP Vertex AIAuthZExposing Security Blind Spots in GCP Vertex AI
2026-04-02 2026Auditing the Gatekeepers: Fuzzing "AI Judges" to Bypass Security ControlsAIAuditing the Gatekeepers: Fuzzing "AI Judges" to Bypass Security Controls https://ift.tt/Ehr93N5