The IT Nerd

The new wave of agentic browsers brings the promise of transforming the way we use our computers and experience the internet, with AI-driven tools that interact with websites, fill out forms and manage workflows on our behalf. But with these experiential benefits, also come profound new cybersecurity challenges. 

Unit 42 researchers at Palo Alto Networks released new research on a high-severity vulnerability (CVE-2026-0628) they discovered in Google’s new Gemini Live in Chrome feature that could allow malicious extensions with basic permissions to ‘hijack’ the new in-browser AI assistant, granting attackers access to webcams, microphones, and private files. 

Palo Alto Networks researchers shared the issue with Google in October via coordinated vulnerability disclosure and Google issued a fix in early January. But, this discovery underscores a growing security paradox: as tech giants rush to turn browsers into powerful AI agents, they are inadvertently opening new backdoors to sensitive personal data.

The research is live here: http://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking 

Researchers have uncovered an upsurge in authentication coercion cyber-attacks that abuse Windows Remote Procedure Call (RPC) mechanisms that force systems into sending their credentials to an attacker-controlled system.

You can find out more via this Palo Alto Unit 42 Blog post:  https://unit42.paloaltonetworks.com/authentication-coercion/  

Jim Routh, Chief Trust Officer at Saviynt, commented:

“Authentication coercion attacks represent a particularly challenging attack vector for enterprises that rely on extensive use of Microsoft architecture and products. These attacks enable lateral movement with limited visibility for the enterprise. There are several remediation steps recommended that generally require strict adherence to limits in how RPC (remote procedure call) is used within the enterprise. The larger and more complex the enterprise, the more difficult it is to enforce the limitations of RPC. 

“Enterprises should consider more maturity in how privileged access management (PAM) works, including the use of continuous validation techniques that compare attributes from data streams to established patterns.  These techniques measure the deviation from the established pattern mathematically. The deviation threshold (number or score) can trigger automated workflows that restrict access (lateral movement) within milliseconds of an attack attempt. This type of capability is not dependent on humans to detect the threats. It is similar to the way our body’s immune system operates when exposed to bacteria or a virus. Our body’s immune system automatically produces white blood cells and antibodies to attack the bacterial infection. Continuous validation techniques represent a digital immune system response that can take action in milliseconds when lateral movement is automatically identified.” 

This is another big hint that organizations need to look at making sure that users are only able to do what they need to do and nothing more. That would make attacks like these way less effective.

Earlier today to kick off the start of RSA, Palo Alto Networks released multiple announcements:

• Palo Alto Networks introduced Prisma AIRS! A groundbreaking AI security platform designed to protect the entire enterprise AI ecosystem – AI apps, agents, models, and data – at every step. 

• Palo Alto Networks announced that it has entered into a definitive agreement to acquire Protect AI. This strategic acquisition reflects Palo Alto Networks’ commitment to remaining at the forefront of next-generation cybersecurity innovation and expanding its capabilities to protect the dynamic new attack surface created by the explosion of AI.

• Palo Alto Networks Bolsters SASE Capabilities for Modern Workplace. Palo Alto Networks announced its latest advancements in Prisma^® SASE, the industry’s most comprehensive secure access service edge (SASE) solution, unveiling Prisma Access Browser 2.0, the world’s only SASE-native secure browser. Prisma Access Browser 2.0, along with Endpoint Data Loss Prevention (DLP) and expanded cloud presence with Oracle Cloud Infrastructure (OCI), are new Prisma SASE capabilities designed to secure generative AI (GenAI) usage, improve user experience and enhance operational resilience in the modern workplace.

• Palo Alto Networks Cortex XSIAM Delivers Industry’s First AI-Driven SecOps Platform to Span Proactive and Reactive Security. Palo Alto Networks unveiled Cortex XSIAM® 3.0, the next evolution of its industry-leading SecOps platform, bolstered with proactive exposure management and advanced email security, enabling customers to further consolidate on Cortex for significantly better, faster and more cost-effective security operations.

 Palo Alto Networks, the global cybersecurity leader, today announced the release of a Quantum Random Number Generator (QRNG) Open API framework, empowering organizations to prepare for future quantum security threats. The framework, developed in partnership with six innovators across the QRNG field, addresses the need for multi-vendor interoperability across the industry and enables organizations to invest in and build QRNG-based systems that are resilient regardless of the underlying technology or company.

The future convergence of AI, ML, deep learning and classical supercomputing with quantum computing necessitates securing today’s systems against quantum-enabled attacks. QRNG is a technology that uses the principles of quantum mechanics to generate truly random numbers, which are essential for creating secure cryptographic keys. Experts recommend the use of recently released NIST post-quantum cryptography (PQC) standards in combination with QRNG to give organizations the best chance to protect against future threats. The QRNG Open API framework eliminates barriers to QRNG adoption, helping global organizations access the highest quality cryptographic operations possible as they prepare for quantum computing technology.

Available through the Palo Alto Networks GitHub portal, the QRNG Open API can be embedded into any application. Later this year, Palo Alto Networks Next Generation Firewalls (NGFWs) will support the QRNG Open API, enabling the network security platform to bring in entropy for cryptographic functions.

Developed by Palo Alto Networks and leading QRNG technology partners, Anametric, ID Quantique, Qrypt, Quantinuum, Quantropi and Quside, the QRNG Open API will:

• Simplify QRNG integration by removing proprietary silos.
• Maximize interoperability in multi-vendor networks and promote freedom of choice, allowing customers to select the best technologies and systems for their needs, including both cloud-based and on-prem solutions.
• Accelerate QRNG adoption by removing barriers with a collaborative, open approach.
• Provide a common mechanism for obtaining high-quality entropy from an external QRNG platform.

Palo Alto Networks has posted their cybersecurity insights and outlook of what to expect in 2025. In their annual forecast, the company reveals what’s next on the horizon – from AI-driven cyber warfare to energy-efficient data centers and new roles for today’s business leaders. 

Key 2025 Predictions Include: 

• Unified Cybersecurity Platforms through Platformization: Expect cloud security and Security Operations Center to merge into a single infrastructure that fuels AI-driven insights across every attack vector. This will enable organizations to centralize security data, empowering rapid detection and response at scale. 
• Data as a Competitive Advantage: Organizations with vast, integrated data will hold a distinct advantage over startups due to the data-hungry nature of AI models. For the first time, incumbents will leverage their data stores to enhance AI performance, securing a lead in both innovation and cyber defense.
• Adoption of Secure Enterprise Browsers: Adoption of secure enterprise browsers for work, so organizations may implement stronger security measures to protect against rising threats. 
• Energy-Efficient AI: AI’s soaring energy demands have created a pressing need for sustainability. In 2025, we’ll see new techniques for reducing data center energy consumption while still supporting the essential growth of AI-powered cybersecurity.
• Rethinking Quantum Security: As “harvest now, decrypt later” tactics rise, Palo Alto Networks urges organizations to fortify systems today against the anticipated power of quantum decryption technology—a measure essential for securing valuable IP and government data from future exploitation.
• The New Power Duo: CIO & CMO: In an era of real-time, personalized engagement, customer expectations are soaring. Palo Alto Networks predicts that marketing and IT leaders will work in tandem to merge customer insights with robust IT strategies, meeting demand across all channels.

Palo Alto Networks has a news release on this here, and their annual forecast here.

Today, Palo Alto Networks Unit 42 shares that it has identified a new jailbreaking technique, ‘Deceptive Delight,’ which can bypass the safety guardrails of state-of-the-art LLMs to generate unsafe content. The findings highlight significant vulnerabilities in AI systems, revealing the urgent need for enhanced security measures to prevent the misuse of Gen AI technologies.

Key findings detail that Deceptive Delight:

• Achieves a 65% attack success rate against open-source and proprietary AI models, significantly outperforming the 5.8% attack success rate achieved when sending unsafe topics directly to these models without using any jailbreak techniques.
• Embeds unsafe topics within benign narratives, cleverly tricking LLMs into producing harmful content while focusing on seemingly harmless details.
• Employs a multi-turn approach, where the model is prompted progressively across multiple interactions, enhancing both the relevance and severity of the unsafe output generated and increasing the likelihood of harmful content creation.

You can find the full blog here.

Unit 42’s latest research was published today on a North Korean cyber campaign targeting tech job seekers. The campaign, known as CL-STA-240 Contagious Interview, involves fake recruiters on platforms like LinkedIn, tricking users into malware infections that steal sensitive data such as, browser passwords and cryptocurrency wallets. Since its initial report in November 2023, Unit 42 has continued to monitor new online activity and code updates to two pieces of malware tied to the campaign. 

Highlights include: 

• New malware variant, BeaverTail, targets both macOS and Windows, capable of stealing data and cryptocurrency from 13 different wallets
• Social Engineering: Attackers pose as recruiters on platforms like LinkedIn and set up fake interviews, convincing victims to download malware disguised as legitimate software like MiroTalk and FreeConference 
• InvisibleFerret Backdoor: Written in Python, this malware now includes new features like downloading additional remote-control software (AnyDesk) and stealing browser credentials and credit card information 
• Financial Motive: North Korea threat actors likely have a financial motive given the malware’s focus on stealing cryptocurrency from a growing number of wallets

You can read the research here.

As ransomware incidents continue to grow, Palo Alto Networks Unit 42 has discovered a new ransomware-as-a-service (RaaS) group.  Unit 42 has released research on the group, Repellent Scorpius, and how they’re distributing Cicada3301 ransomware.

Highlights include:

• Based on the timeline from a Unit 42 IR engagement, it’s estimated that the ransomware group began their operations in May 2024
• Despite its recent inception, the group is quickly picking up pace by setting up an affiliate program and recruiting partners. This has increased its number of victims
• Repellent Scorpius employs a double extortion scheme of encrypting systems. This entails stealing data and threatening to publish it if the victim doesn’t pay the ransom

You can find the full report here which provides more insights into the new attack group and attack strategy.