APT Campaigns
201 article(s)
🗓 01 Apr 2026 · 👤 AGONY
A dramatic shift in cyber-espionage: TA446 launches DarkSword, a sophisticated exploit kit targeting iOS devices through deceptive phishing and advanced technical exploits. Our investigation reveals the methods, implications, and what’s next for mobile security.
🗓 01 Apr 2026 · 👤 AGONY · 🌍 Middle-East
Iran’s 30-day cyberwar saw a near-total internet blackout at home but unleashed thousands of attacks abroad, targeting critical infrastructure and exposing new global vulnerabilities. The campaign’s blend of physical and digital assaults has redrawn the rules of cyber conflict.
🗓 01 Apr 2026 · 👤 AGONY · 🌍 Middle-East
Iran-linked hacktivist group Handala breached the personal Gmail of FBI Director Kash Patel, leaking private emails and photos in a symbolic act of cyberwar. The attack, retaliation for FBI actions against Handala, highlights the personal vulnerabilities of high-profile officials and the evolving tactics of Iranian cyber operations.
🗓 27 Mar 2026 · 👤 AGONY · 🌍 Middle-East
Lockheed Martin suffered a dramatic two-stage attack by Iranian-linked hackers in March 2026. Beyond alleged data theft, engineers were doxxed and threatened, marking a dangerous new phase in hybrid cyberwarfare.
🗓 26 Mar 2026 · 👤 AGONY · 🌍 Asia
APT-Q-27 is targeting Web3 support staff with deceptive screenshot links that unleash a sophisticated multi-stage malware chain, culminating in a stealthy memory-resident backdoor. Discover how the attack works and what defenders need to know.
🗓 25 Mar 2026 · 👤 AGONY · 🌍 Europe
Sandworm (APT44) is hijacking RDP servers with advanced malware, using forged certificates and encrypted tunnels to maintain stealthy, long-term access to high-value networks. Here’s how the campaign works—and what defenders need to know.
🗓 25 Mar 2026 · 👤 AGONY · 🌍 Middle-East
TeamPCP’s CanisterWorm launches targeted destruction against Iranian Kubernetes clusters and plants persistent backdoors elsewhere. Learn how this sophisticated malware campaign exploits cloud environments and what security teams must do to defend.
🗓 25 Mar 2026 · 👤 AGONY · 🌍 Middle-East
Despite a dramatic surge in cyber claims, Iranian hacktivist groups appear to be more focused on psychological disruption than causing real damage to Gulf infrastructure. Our investigation separates fact from fiction in the digital battlefield.
🗓 24 Mar 2026 · 👤 AGONY · 🌍 Middle-East
A new variant of TeamPCP’s CanisterWorm selectively destroys Iranian Kubernetes clusters and embeds stealth backdoors elsewhere, marking a dangerous escalation in targeted cyberwarfare.
🗓 24 Mar 2026 · 👤 AGONY · 🌍 Middle-East
Iran’s sweeping surveillance system, intended to control protest and dissent, became a tool for Israeli intelligence after being hacked. The same cameras meant to safeguard the regime were weaponized, contributing to the assassination of Iran’s supreme leader and exposing a new era of AI-driven espionage.