Tag: iran

Iranian Actors Hit Medical Infrastructure While Meta Disrupts Influence Operations

Iranian cyber actors launched coordinated attacks against medical device manufacturer Stryker and Albania's parliament email systems, while Meta disrupted a separate Iranian influence operation using fake Instagram personas to target US users.

Mar 12, 2026Security Affairs, The Record

iranmedical-infrastructureinfluence-operations

🇺🇸Meta Platforms

highData Breaches & Incidents

Iran's MuddyWater Targets US Firms, macOS Stealer Campaign, and HIBP Surge

Iran's MuddyWater hackers deployed new Dindoor backdoor against US companies while cybercriminals used fake CleanMyMac sites to distribute macOS stealer malware. Meanwhile, Have I Been Pwned processed five major breaches in two days, highlighting an acceleration in data compromise incidents.

Mar 10, 2026Hackread, Troy Hunt

muddywateraptmacos

🇮🇷MuddyWater

highNation-State & APT

Iranian APT Groups Intensify Cyber Operations Against U.S. and Middle East Infrastructure

Check Point researchers observed Iran-linked actors targeting IP cameras across Israel and Gulf states for military intelligence, while Broadcom's Symantec team uncovered MuddyWater deploying the new Dindoor backdoor against U.S. banks, airports, and nonprofits.

Mar 7, 2026Security Affairs

iranmuddywaterapt

🇮🇷MuddyWater

highIndustry & Policy

Nation-State Ops Escalate: AI-Enhanced Infiltration and Cyber-Kinetic Warfare Converge

North Korea and Iran are escalating cyber operations with AI-enhanced worker infiltration schemes and cyber-kinetic warfare tactics. Meanwhile, zero-day attacks on enterprise software reached record highs in 2025, with security appliances being primary targets.

Mar 7, 2026Dark Reading, Infosecurity Magazine

nation-stateai-threatszero-day

🇮🇷MuddyWater

🇺🇸Google

highPrivacy & Surveillance

Privacy-Surveillance Roundup: Pentagon AI Power Play, CBP Ad Tracking, Iran's Digital Blackout

The Trump administration severed Pentagon ties with Anthropic over the company's refusal to support mass surveillance and autonomous weapons, while CBP used commercial advertising data to track phone locations. Iran has shut down 99% of internet connectivity amid ongoing air strikes.

Mar 7, 2026Schneier on Security, WIRED Security

ai-governancelocation-trackinginternet-censorship

🏴Play

highPrivacy & Surveillance

LLM-Assisted Government Breach and Camera Hijacking in Modern Warfare

An attacker used Anthropic's Claude AI to breach Mexican government networks, while multiple nations have adopted surveillance camera hijacking as standard cyber warfare tactics. These incidents highlight the evolving intersection of AI capabilities and nation-state surveillance operations.

Mar 6, 2026Schneier on Security, WIRED Security

llm-securitygovernment-breachsurveillance-cameras

highNation-State & APT

Nation-State Roundup: Iran-Nexus APT Targets Iraq Officials, Phobos Admin Pleads Guilty, Multi-Year Campaign Exposed

Iranian threat actors are actively targeting Iraqi government officials with previously unknown malware families, while law enforcement secured a guilty plea from a Phobos ransomware administrator. Separately, researchers uncovered a multi-year campaign targeting high-value sectors that went undetected for years.

Mar 6, 2026Security Affairs, Palo Alto Unit 42

aptiraniraq

🏴Phobos

mediumNation-State & APT

Iranian Prayer App Compromised for US/Israeli Propaganda Campaign

A popular Iranian prayer app with over 5 million downloads was allegedly compromised by US and/or Israeli intelligence services to broadcast propaganda messages to users immediately following explosions in Iran. The rapid deployment suggests pre-existing access to the application infrastructure.

Mar 5, 2026Schneier on Security

nation-statemobile-appspropaganda

🏴Play

🇺🇸Google

mediumData Breaches & Incidents

Iranian Prayer App BadeSaba Compromised to Broadcast Anti-Government Messages

Hackers breached BadeSaba, a widely-used Iranian prayer and calendar application, using the platform to distribute anti-government messages and calls for military defection. The incident highlights the vulnerability of mobile applications as vectors for politically motivated attacks.

Mar 3, 2026Hackread

iranmobile-apphacktivism

mediumIndustry & Policy

Geopolitical Tensions Drive Cyber Escalation as Google Warns of Iranian Campaigns

Google's threat intelligence chief warns Iran will launch aggressive cyber campaigns globally using ransomware and hacktivist tactics. Meanwhile, escalating Middle East conflicts are driving increased cyber activity with potential spillover risks for international organizations.

Mar 2, 2026Dark Reading, Infosecurity Magazine

irangeopoliticsthreat-intelligence

🇺🇸Google

highNation-State & APT

Iran Conflict Escalation Raises Critical Infrastructure Cyber Threat Concerns

The intensifying military conflict with Iran creates elevated cyber threat conditions for US organizations. Iran's sophisticated cyber capabilities and history of infrastructure targeting make retaliatory attacks highly probable.

Mar 2, 2026WIRED Security

irancritical-infrastructurenation-state

🇮🇷Charming Kitten🇮🇷OilRig🇮🇷APT33

mediumData Breaches & Incidents

Security Affairs Weekly: Canadian Tire Breach Hits 38M Users, Iran Internet Blackout Continues

Security Affairs' weekly newsletter round 565 covers major cybersecurity developments including a significant data breach at Canadian Tire impacting 38 million users and Iran's continued internet restrictions.

Mar 1, 2026Security Affairs

data-breachcanadairan

🇺🇸Near Intelligence