Iran-aligned #TA453 ( #CharmingKitten #APT42 ) recently attempted credential phishing against a US think tank.

Notably, the email exchange began before the conflict, indicating continued prioritization of longstanding intelligence targets.

Original post on securityaffairs.com

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind ...

#APT #Artificial #Intelligence #Breaking #News […]

[Original post on securityaffairs.com]

The APTs That Defined 2025 How State-Aligned Threat Actors Shaped the Global Cyber Battlefield

The APTs That Defined 2025 open.substack.com/pub/malwhere...

#APT #China #Russia #DPRK #Iran #ThreatIntel #CyberSecurity #SaltTyphoon #FlaxTyphoon #MustangPanda #APT17 #APT28 #APT29 #Sandworm #LazarusGroup #Kimsuky #APT42

Beware of TAMECAT: A new PowerShell-based backdoor targeting login credentials in Edge and Chrome. Stay vigilant and update your security protocols. #CyberSecurity #TAMECAT #APT42 Link: thedailytechfeed.com/tamecat-malw...

New Spear-Phishing Attack Targeting Security Individuals in the Israel Region Israel's National Cyber Directorate has issued an urgent alert warning of an active spear-phishing campaign specifically targeting individuals employed in security and defense.

New Spear #Phishing Attack #Targeting #Security Individuals in the #Israel Region #APT42

gbhackers.com/spear-phishi...

SpearSpecter: Iran’s Patient, multi-layered targeting campaign The cybersecurity landscape is increasingly characterized by sophistication, and the ongoing SpearSpecter campaign represents a particularly concerning evolution in state-sponsored espionage. This isn’t a blunt instrument of brute-force attacks; it’s a meticulously crafted operation designed to penetrate the highest levels of government and defense structures worldwide, leveraging social engineering at a granular level. Initial reports […] The post SpearSpecter: Iran’s Patient, multi-layered targeting campaign first appeared on Secure Bulletin.

Awakari App

Iranian Hackers Target Defense and Government Officials in Ongoing Campaign The state-sponsored APT has been targeting the victims’ family members to increase pressure on their targets. The post ...

#Malware #& #Threats #Nation-State #APT42 #espionage #Iran #SpearSpecter

Origin | Interest | Match

SpearSpecter Cyberespionage Campaign Linked to Iranian IRGC Targets High-Value Officials A new Iranian APT42 cyberespionage campaign leverages TAMECAT and advanced social engineering to target important officials and their families.

Read the full breakdown below and follow TechNadu for more trusted cybersecurity coverage:
www.technadu.com/spearspecter...

#cybersecurity #APT42 #IRGC #infosec #malwarethreats #defense #technadu #nationstateactors

Iranian hackers launch 'SpearSpecter' campaign targeting defense and government sectors. Stay vigilant against sophisticated social engineering attacks. #CyberSecurity #APT42 #SpearSpecter Link: thedailytechfeed.com/iranian-hack...

Original post on securityaffairs.com

APT42 impersonates cyber professionals to phish Israeli academics and journalists Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email cr...

#APT #Breaking #News #Hacking #Intelligence #APT42 […]

[Original post on securityaffairs.com]

Iranian APT Targets Israeli Experts

~Checkpoint~
Iranian APT Educated Manticore (APT42) targets Israeli academics with spear-phishing to steal Google/Outlook credentials.
-
IOCs: idea-home. online, sendly-ink. shop, 185. 130. 226. 71
-
#APT42 #Iran #Phishing #ThreatIntel

#CharmingKitten #APT42 #TA453

Hash:
87144d0aa002a87376b673f7d0c0eb88

C2:
Telegram Bot used for error messages and auto-start messaging to the operator
computerlearning.ddns./net

Pivots:
bookstoragestore./com
lastfilterfile/.info
78.159.117./177
78.159.117./175
185.132.176./241
154.44.186./106

Hannah Neumann : Wer attackiert diese Frau? Mit Betroffenen staatlicher Überwachung zu sprechen, ist für die Europaabgeordnete Hannah Neumann Alltag. Dann wurde sie selbst ausspioniert. Die Spur führt in den Iran.

APT42, eine Hackereinheit, die sehr wahrscheinlich von den iranischen Revolutionsgarden gesteuert wird, attackiert die Abgeordnete des EU-Parlaments und Leiterin der Iran-Delegation des EP, Hannah Neumann. Das ist Spionage, aber auch der Versuch, einzuschüchtern. #apt42
www.zeit.de/2025/17/hann...

Google disrupted hacking campaigns carried out by Iran-linked APT42 Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election.

#Google disrupted hacking campaigns carried out by #Iran-linked #APT42
securityaffairs.com/167095/secur...
#securityaffairs #hacking