Iran-linked MuddyWater activity shows why ransomware response needs to examine identity compromise, remote access, and adversary objectives instead of trusting the ransom note at face value.
Handala’s California Water Service claim is a reminder that critical-infrastructure defense starts with proving separation between billing systems, telemetry platforms, and operational technology.
Check Point Research reports that IRGC-affiliated Nimbus Manticore resurfaced with fake Zoom and SQL Developer lures, SEO poisoning, AppDomain hijacking, and a new MiniFast backdoor. Here is what SMBs and government contractors should tighten first.
Iran-nexus Screening Serpens used recruitment and meeting lures, new RAT variants, and .NET AppDomainManager hijacking. Here is what SMBs and government contractors should tighten now.
The FBI has issued a critical alert warning that Iranian government hackers are weaponizing Telegram as a command and control (C2) channel to steal data from dissidents, opposition groups, and journalists who oppose the regime around the world. According to the FBI alert published Friday, hackers working for Iran’s Ministry of Intelligence and Security (MOIS)…
Iran-linked hackers have successfully breached the personal email account of FBI Director Kash Patel, publishing photos, documents, and email correspondence in a significant escalation of cyber operations targeting senior U.S. government officials. The Handala Hack Team, a hacktivist persona operating on behalf of Iran’s Ministry of Intelligence and Security (MOIS), announced the compromise on Friday,…
Iran-linked hacking group Handala Hack Team has successfully breached the personal email account of FBI Director Kash Patel, publishing photographs and documents stolen from his inbox, according to The Guardian and confirmed by the FBI. Attack Details The breach was announced by Handala on their website, where they stated that Patel “will now find his…
The FBI has issued a public alert warning that Iranian government hackers affiliated with the Ministry of Intelligence and Security (MOIS) are actively weaponizing Telegram as a command-and-control (C2) platform to conduct espionage operations against dissidents, opposition groups, and journalists worldwide. Attack Chain: From Social Engineering to Full Device Compromise The sophisticated attack campaign begins…
In a significant escalation of Iranian cyber operations against U.S. government officials, the Iran-linked hacktivist group Handala has successfully compromised the personal email account of FBI Director Kash Patel. The breach, confirmed by the FBI on March 27, 2026, resulted in the publication of photographs and documents from Patel’s Gmail account. Attack Details Handala posted…
A cybercrime group is attempting to leverage the ongoing US-Iran conflict by deploying a destructive wiper malware that specifically targets systems configured for Iranian users, according to new research from Krebs on Security and Aikido. TeamPCP Launches Iran-Targeting Wiper The financially motivated threat actor TeamPCP has weaponized its existing supply chain compromise to deploy CanisterWorm,…
