Tag: iran
-
Iranian APT Uses SEO Poisoning to Spread Fake SQL Developer Malware
A newly observed cyber campaign linked to the Iranian IRGC-affiliated threat group Nimbus Manticore (also tracked as UNC1549) highlights an evolution in both delivery tactics and malware sophistication. The activity, uncovered during the ongoing geopolitical conflict tied to Operation Epic Fury launched on February 28, 2026, shows the group adopting SEO poisoning malware for the…
-
MiniUpdate RAT Abuses Azure C2 for Targeted Espionage
A sophisticated espionage campaign by the Iran-nexus advanced persistent threat group known as Screening Serpens, also tracked as UNC1549 and Smoke Sandstorm, is deploying a newly identified remote access Trojan (RAT) family called MiniUpdate against targets in the United States, Israel, and the United Arab Emirates. Screening Serpens has been active since at least 2022, but…
-
FBI Director’s Former Apparel Brand Hit by Malware
Malware Targeted macOS Users Visiting Patel Foundation Merchandise Page. Two months after Iran-linked hackers exfiltrated FBI Director Kash Patel’s personal email, the government official’s name is tangled up in another cyber incident, this time through a MAGA swag shop he co-founded. ClickFix malware on the site tried to trick shoppers into running a malicious command.…
-
Iranian Hackers Using Fake Job Sites to Breach Defense Firms
Unit 42 Says Iranian Operators Target Aerospace and Government Staff. Palo Alto Networks’ Unit 42 said Iran-linked operators tied to Screening Serpens are using fake recruiting campaigns, cloned aerospace hiring portals and malware-laced job materials to infiltrate defense, satellite communications and government networks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iranian-hackers-using-fake-job-sites-to-breach-defense-firms-a-31762
-
Iran suspected in breaching automatic tank gauges at US gas stations
Tags: iran. First seen on scworld.com Jump to article: www.scworld.com/news/iran-suspected-in-breaching-automatic-tank-gauges-at-us-gas-stations
-
Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
Companies, particularly those in the affected industries, should harden their defenses against impersonation schemes, Palo Alto Networks said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-cyberattacks-espionage-us-israel-uae/820990/
-
New York regulator calls for additional cyber mitigation amid heightened threat environment
The guidance from the state Department of Financial Services arises from concerns about frontier AI and threats linked to the Iran war and other geopolitical risks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/new-york-regulator-cyber-mitigation-threat-AI-Iran/820979/
-
Fast and Furious Nimbus Manticore Operations During the Iranian Conflict
During the recent geopolitical tensions in the Middle East, we reported on multiple Iran-nexus threat actors advancing Iran’s strategic objectives through cyber operations. These activities included targeting internet-connected cameras, conducting destructive attacks against US and Israeli entities, and exfiltrating data from cloud environments to support broader kinetic and intelligence-gathering efforts. Nimbus Manticore (also tracked as UNC1549) is an IRGC-affiliated threat…
-
Fuel Tank Breaches Expand Scope of Iran’s Cyber Offensive
Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/fuel-tank-breaches-expand-scope-irans-cyber-offensive
-
Breach Roundup: US Lawmakers Sound Alarm on AI Bug Hunters
Also, YellowKey Bypasses BitLocker, Škoda Breach, Kingdom Market Operator Jailed. This week, U.S. lawmakers urged action on AI, a BitLocker exploit. Škoda, Nvidia’s GeForce NOW partner and telehealth firm OpenLoop reported breaches. Patch Tuesday. A dark market operator sentenced and pro-Ukraine and Iranian-linked hacking. Nitrogen ransomware attack on Foxconn. First seen on govinfosecurity.com Jump to…
-
Iran Is Using Tiny ‘Mosquito’ Boats to Shut Down the Strait of Hormuz
Iran’s traditional naval fleet has been almost completely destroyed by US-Israeli raids. But Iran’s military has put a fleet of small vessels on the water that is crippling every passageway. First seen on wired.com Jump to article: www.wired.com/story/iran-is-using-tiny-mosquito-boats-to-shut-down-the-strait-of-hormuz/
-
Iranian APT MuddyWater Masquerades as Chaos Ransomware in Elaborate False Flag
The post Iranian APT MuddyWater Masquerades as Chaos Ransomware in Elaborate False Flag appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/muddywater-apt-chaos-ransomware-false-flag-espionage/
-
AI-powered hacking has exploded into industrial-scale threat, Google says
Criminal groups and state-linked actors appear to be using commercial models to refine and scale up attacks. In just three months, AI-powered hacking has gone from a nascent problem to an industrial-scale threat, according to a report from Google. The findings from Google’s threat intelligence group add to an intensifying, global discussion about…
-
Iranian government hackers using Chaos ransomware as cover, researchers say
First seen on therecord.media Jump to article: therecord.media/iran-government-hackers-use-chaos-ransomware-as-cover
-
The British public need to be better prepared for emergencies | Letter
Tags: attack, china, cyber, data-breach, disinformation, iran, resilience, russia, supply-chain, threat, warfare. Jean Coussins says a cross-party Lords committee has been tasked with coming up with a plan to normalise resilience in our everyday lives. Your editorial (Britain’s fragile systems: when global shocks hit your shopping bill, 1 May) makes clear that the public need to be more fully informed about global threats and actively engaged in…
-
Financial stability risks are rising as AI fuels cyber-attacks, IMF warns; oil below $100 on Iran peace hopes as it happened
Rolling coverage of the latest economic and financial news. The Danish shipping giant Maersk has maintained its profit guidance for the year, even as it reported a spike in fuel costs and warned that traffic through the strait of Hormuz “remains at a near standstill”. The company,…
-
Financial stability risks are rising as AI fuels cyber-attacks, IMF warns; oil below $100 on Iran peace hopes business live
Rolling coverage of the latest economic and financial news. The Danish shipping giant Maersk has maintained its profit guidance for the year, even as it reported a spike in fuel costs and warned that traffic through the strait of Hormuz “remains at a near standstill”. The company,…
-
Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage
The post Omani Government Targeted in Blatant Iranian-Nexus Cyberespionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/oman-government-cyberattack-hunt-intelligence-apt34-muddywater/
-
Cybercriminals Exploit Microsoft Teams to Phish Login Credentials and Bypass MFA
Tags: authentication, credentials, cyber, cybercrime, espionage, exploit, iran, login, mfa, microsoft, phishing, ransomware, threat. Iranian state-sponsored threat actors linked to MuddyWater (Seedworm) have been caught hiding behind the Chaos ransomware brand to conduct sophisticated espionage operations, using Microsoft Teams as a phishing vector to steal credentials and manipulate multi-factor authentication (MFA). Rapid7 researchers uncovered the intrusion in early 2026, revealing a calculated false flag operation designed to mimic financially…
-
Iranian cyber espionage disguised as a Chaos Ransomware attack
Iran-linked APT MuddyWater used ransomware-style tactics to mask espionage, combining phishing, credential theft, data exfiltration, and extortion without encryption. A newly discovered cyber intrusion attributed to the Iran-linked APT MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) reveals how state-sponsored attackers are increasingly leveraging ransomware tactics to disguise espionage operations. The campaign, uncovered by security researchers at Rapid7, blended…
-
Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
Rapid7 reveals an Iranian false flag operation masquerading as a Chaos ransomware attack First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-linked-apt-chaos-ransomware/
-
Iran and Hezbollah Are Relocating Terror Networks Across Latin America
The post Iran and Hezbollah Are Relocating Terror Networks Across Latin America appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/irgc-hezbollah-venezuela-disruption-colombia-ecuador-relocation/
-
Iran-Linked Hackers Target Oman Ministries in Webshell and Data Theft Campaign
Iran-linked operators have mounted a broad espionage operation against multiple Omani ministries, abusing exposed webshells, SQL escalation scripts, and a poorly secured C2 server to steal judicial and identity data at scale. Attacker’s own open directory strongly suggests a Ministry of Intelligence and Security (MOIS) nexus compromised a mailbox, but there are not enough unique…
-
Middle East Cyber Battle Field Broadens, Especially in UAE
As the war with Iran continues, breach attempts targeting the United Arab Emirates tripled in a few weeks, many targeting critical infrastructure. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/middle-east-cyber-battle-field-broadens-uae
-
CISA pushes critical infrastructure operators to prepare to work in isolation
Tags: access, attack, backup, business, ceo, cisa, control, cyber, cybersecurity, endpoint, exploit, government, incident response, infrastructure, iran, network, resilience, service, technology, threat, vpn. A familiar playbook under a new name: While the framing of CI Fortify is new, the underlying concepts are not. Several experts say the initiative largely repackages long-standing practices around disaster recovery, business continuity, and incident response, areas where many organizations have historically underinvested. “It looks to me like traditional business continuity planning, disaster recovery, and…
-
Iranian Proxy Networks in Latin America Post-Maduro: IRGC
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/iranian-proxy-networks-in-latin-america-post-maduro-irgc
-
Pro-Iran crew turns DDoS into shakedown as Ubuntu.com stays down
313 Team tells Canonical: pay up or the packets keep coming First seen on theregister.com Jump to article: www.theregister.com/2026/05/01/canonical_confirms_ubuntu_infrastructure_under/

