Tag: backdoor

Iran's MuddyWater Targets US Firms, macOS Stealer Campaign, and HIBP Surge

Iran's MuddyWater hackers deployed new Dindoor backdoor against US companies while cybercriminals used fake CleanMyMac sites to distribute macOS stealer malware. Meanwhile, Have I Been Pwned processed five major breaches in two days, highlighting an acceleration in data compromise incidents.

Mar 10, 2026Hackread, Troy Hunt

muddywateraptmacos

🇮🇷MuddyWater

highVulnerabilities & Exploits

New Campaign Targets Healthcare & Education While Blockchain C2 Evolves Evasion

A new threat cluster UAT-10027 is actively targeting US healthcare and education sectors with the Dohdoor backdoor, while the Aeternum C2 botnet demonstrates blockchain-based command infrastructure for improved resilience. Additional threats include gaming-focused RATs and a new Wi-Fi encryption bypass attack.

Feb 27, 2026The Hacker News, Ars Technica Security, Microsoft Security, SANS ISC, MSRC Security Updates

threat-actorsbackdoorblockchain-c2

🇺🇸Meta Platforms

highVulnerabilities & Exploits

APT28 Macro Campaign, AI Model Theft, and Central Asian Telecom Attacks

APT28 launched Operation MacroMaze against European targets using webhook-based macro malware, while UnsolicitedBooker deployed dual backdoors against Central Asian telecoms. Meanwhile, Anthropic exposed Chinese AI companies conducting industrial-scale model theft through 16 million fraudulent queries.

Feb 24, 2026The Hacker News, SANS ISC

apt28russiabackdoor

🇷🇺APT28

highMalware & Threats

Threat Roundup: Phobos Ransomware Arrest, X/Grok Investigation, IoT Security Mishap, and Android Backdoor Discovery

Polish authorities arrest Phobos ransomware suspect, Ireland investigates X's Grok AI abuse, accidental IoT exposure, and new Android backdoor links major botnets.

Feb 17, 2026BleepingComputer, Malwarebytes Labs, SecureList (Kaspersky)

ransomwarephobosandroid-malware

🏴Phobos

🇺🇸Google