Tag: iran
-
Iran cuts Internet nationwide amid deadly protest crackdown
Iran shut down the internet as protests spread nationwide. Dozens were killed in a violent crackdown amid soaring inflation and a collapsing currency. Iran has shut down the internet nationwide as protests spread across multiple cities. Security forces responded with a violent crackdown that reportedly killed dozens. Demonstrations continued despite the blackout, with shops closing…
-
Internet collapses in Iran amid protests over economic crisis
Internet monitoring firms and experts say Iran’s internet has almost completely shut down, as protests spread through major cities. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/08/internet-collapses-in-iran-amid-protests-over-economic-crisis/
-
ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories
The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in. Read on to catch up before the next wave hits. Honeypot…
-
Lone Hacker Used Infostealers to Access Data at 50 Global Companies
A Hudson Rock report reveals how an Iranian hacker named Zestix breached 50 global companies, including Iberia Airlines and Pickett Associates, by using stolen passwords and a lack of MFA. First seen on hackread.com Jump to article: hackread.com/lone-hacker-infostealers-global-companies-data/
-
Treasury removes Intellexa spyware-linked trio from sanctions list
The three Iranians had only just been added to the list in 2024, but a U.S. official said they had separated themselves from the company. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-removes-intellexa-spyware-linked-trio-from-sanctions-list/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 77
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Choose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in Uzbekistan; From Linear to Complex: An Upgrade in RansomHouse Encryption; Prince of Persia: A Decade of Iranian Nation-State APT Campaign…
-
Iranian "Prince of Persia" APT Resurfaces with Telegram-Controlled Stealth Malware
-
Infy Returns: Iran-linked hacking group shows renewed activity
Researchers report renewed activity by Iran-linked Infy (Prince of Persia), showing the hacking group remains active and dangerous after years of silence. SafeBreach researchers have spotted renewed activity from the Iran-linked APT group Infy, also known as Prince of Persia, nearly five years after its last known campaigns in Europe. SafeBreach warns the group remains…
-
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. “The scale of Prince of Persia’s activity is more significant than we originally anticipated,” Tomer Bar, vice president of security…
-
Iranian APT Prince of Persia returns with new malware and C2 infrastructure
A shift to Telegram: More recently, the researchers identified a new Tonnerre variant that’s advertised as v50, as well as an unknown new Foudre version that goes along with it. These versions use a new C2 server structure and, most importantly, can download a file from the server that enables Telegram communication via its API. The…
-
Iranian APT Targeting Networks and Critical Infrastructure Organizations
Iranian state-sponsored threat actors, previously thought to have gone dormant, have resurfaced with sophisticated new malware campaigns targeting critical infrastructure organizations globally. A new research report released by SafeBreach Labs reveals that the “Prince of Persia
-
APT35 Leak Reveals Spreadsheets Containing Domains, Payments, and Server Information
Iranian cyber unit Charming Kitten, officially designated APT35, has long been dismissed as a noisy but relatively unsophisticated threat actor: a politically motivated collective known for recycled phishing templates and credential-harvesting pages. Episode 4, the latest intelligence dump, fundamentally rewrites that assessment. What emerges is not a hacker collective but a government department, complete with…
-
Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets
SafeBreach reports the resurgence of the Iranian APT group Prince of Persia (Infy). Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada. First seen on hackread.com Jump to article: hackread.com/iran-apt-prince-of-persia-resurfaces/
-
Dormant Iran APT is Still Alive, Spying on Dissidents
Prince of Persia has rewritten the rules of persistence with advanced operational security and cryptographic communication with its command-and-control server. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/iran-apt-spying-dissidents
-
Nation-State and Cybercrime Exploits Tied to React2Shell
Tags: china, cve, cybercrime, ddos, exploit, hacker, iran, korea, malware, north-korea, service, update, vulnerability
2 More Vulnerabilities Need Patching in React Server Components, Warns Vercel. Mass exploitation of the React2Shell – CVE-2025-55182 – vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn. First seen on govinfosecurity.com Jump to…
-
Charming Kitten Leak Reveals Key Operatives, Front Firms, and Massive Global Compromise
The latest materials from the Charming Kitten network access reveal three significant findings that expand our understanding of Iran’s APT35 cyber operations: complete salary records for operative teams, expanded surveillance platform capabilities, and a classified 2004 document connecting Iran’s obtained IAEA inspection materials to Department 40 assassination targeting. The leaked materials document unprecedented compensation data…
-
Officials offer $10M reward for information on IRGC-linked leader and close associate
Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi are accused of maintaining a close relationship planning and conducting cyberattacks of interest to the Iranian government. First seen on cyberscoop.com Jump to article: cyberscoop.com/shahid-shushtari-iran-cyber-electronic-command-10m-reward/
-
Operation Kitten: Hacktivist Groups Targeting Israel with Cyberattacks
A new platform known as the “kitten” project has emerged as a coordination hub for hacktivist campaigns targeting Israel, operating at the intersection of cyber activism and state-aligned influence. While the operators publicly deny direct ties to Iran, technical evidence and infrastructure traces indicate a close relationship with an Iranian cybersecurity ecosystem and pro-Iranian hacktivist…
-
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The cyber espionage activity targeted users in Turkey, Israel, and Azerbaijan, according to a report from Fortinet FortiGuard Labs. “This malware enables remote control of compromised systems by allowing First…
-
‘MuddyWater’ Hackers Target Israeli Orgs With Retro Game Tactic
Iran’s top state-sponsored APT is usually rather crass. But in a recent spate of attacks, it tried out some interesting evasion tactics, including delving into Snake, an old-school mobile game. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/muddywater-hackers-israeli-orgs-retro-game
-
How companies are arming themselves against new AI threats
Tags: ai, china, cyberattack, cyersecurity, hacker, hacking, injection, iran, ml, penetration-testing, phishing, risk, tool, vulnerability
AI is not just a tool for hackers; it can also become a danger itself. In the world of cybersecurity there is a fundamental principle that may sound contradictory at first glance: “We hack before cybercriminals get the opportunity to.” To put this into practice and protect production lines or machines, companies such as Siemens rely on two…

