Attackers Bypass 1 in 4 Malware Connections as Half of Malicious IPs Miss Threat Feeds
Updated
Updated · paloaltonetworks.com · Jun 4
Attackers Bypass 1 in 4 Malware Connections as Half of Malicious IPs Miss Threat Feeds
1 articles · Updated · paloaltonetworks.com · Jun 4
Summary
One in four malware connections now evade traditional web and DNS inspection entirely, exposing a visibility gap at the internet connection layer, according to a new Unit 42 report.
Half of the malicious IP addresses used in direct-to-IP evasion are absent from open-source threat feeds, leaving defenders blind to attacks that skip payload, URL and domain-based controls.
AI is accelerating that evasion by helping adversaries automate the attack lifecycle, rapidly rotate transient IP addresses and hide activity on shared infrastructure.
Unit 42 said the shift requires CISOs to move beyond prevailing edge-security assumptions and adopt real-time verification at the connection layer.
With half of malicious IPs absent from threat feeds, are traditional reputation-based defenses now obsolete?
As AI automates entire attacks, is the cybersecurity skills gap now an unbridgeable chasm for most organizations?
If AI attacks have 'silent' early stages, how can defenders detect a breach before critical damage is done?
The 2026 Cybersecurity Landscape: How Agentic AI and Advanced Evasion Tactics Are Outpacing Traditional Defenses
Overview
As of mid-2026, the cyber threat landscape is marked by highly sophisticated attackers who use advanced evasion techniques, making it difficult for organizations to detect and attribute incidents. Despite the growth of threat intelligence feeds, security teams are overwhelmed by data and struggle to extract actionable insights, leading to critical intelligence blind spots. Attackers exploit these gaps by operating undetected for long periods and bypassing traditional security measures. This environment creates significant challenges for incident response, as teams face difficulties in scoping incidents and identifying responsible parties, ultimately increasing business risk.