Latest News

1 minute read

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

info@thehackernews.com (The Hacker News)

October 22, 2025

The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities. The end goal of the campaign is to infiltrate high-value targets and facilitate intelligence gathering

[[{“value”:”The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities.
The end goal of the campaign is to infiltrate high-value targets and facilitate intelligence gathering”}]] The Hacker News

Latest News

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

October 22, 2025

Latest News

ToolShell bug used by Chinese attackers against governments in Africa, South America

October 22, 2025

1 min

Latest News

Europol adds Spanish academic suspected of aiding pro-Russian hackers to most wanted list

Spanish national Enrique Arias Gil, 37, is suspected of gathering information on Spain’s critical infrastructure and members of…

admin

September 16, 2025

2 min

Latest News

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution. The vulnerability in question is CVE-2025-24893 (CVSS score: 9.8), an eval injection bug that could allow any guest user to perform arbitrary remote code execution through a request to the "/bin/get/Main/

info@thehackernews.com (The Hacker News)

November 15, 2025

3 min

Latest News

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent. "This is the first time that a RomCom payload has been observed being distributed by SocGholish," Arctic Wolf Labs researcher Jacob Faires said in a Tuesday report. The activity has been attributed with medium-to-high

info@thehackernews.com (The Hacker News)

November 26, 2025

Hand-Picked Top-Read Stories

Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery

“Getting to Yes”: An Anti-Sales Guide for MSPs

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

Trending Tags

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

Previous Post

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Next Post

ToolShell bug used by Chinese attackers against governments in Africa, South America

Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery

“Getting to Yes”: An Anti-Sales Guide for MSPs

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

CISA, NSA warn of China’s BRICKSTORM malware after incident response efforts

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

Previous Post

Next Post

Related Posts