Pierluigi Paganini
March 02, 2026
UK’s NCSC warns of potential Iranian cyberattacks as Middle East tensions rise, urging vigilance from exposed organizations. The UK’s National Cyber Security Centre (NCSC) has warned organizations of a potential increase in Iranian cyber threats amid the escalating Middle East conflict. While it sees no immediate shift in the direct threat to Britain, officials stress […]
Pierluigi Paganini
February 28, 2026
Iran experienced a near-total internet blackout as Israel and the U.S. launched strikes, according to NetBlocks. Internet access across Iran was drastically reduced on Saturday as Israel and the United States carried out strikes against the country, according to independent and non-partisan global internet monitor NetBlocks. Network data indicated a near-total nationwide blackout. The national […]
Pierluigi Paganini
January 18, 2026
Activists hacked Iran ’s Badr satellite, briefly broadcasting Reza Pahlavi’s anti-regime protest messages on state TV channels. Anti-regime activists briefly took control of Iran ’s Badr satellite, hijacking state TV to broadcast Crown Prince Reza Pahlavi’s calls for protests against the Islamic Republic. Pahlavi’s media team also shared the footage of the hack. “Several Iranian […]
Pierluigi Paganini
January 09, 2026
Iran shut down the internet as protests spread nationwide. Dozens were killed in a violent crackdown amid soaring inflation and a collapsing currency. Iran has shut down the internet nationwide as protests spread across multiple cities. Security forces responded with a violent crackdown that reportedly killed dozens. Demonstrations continued despite the blackout, with shops closing […]
Pierluigi Paganini
December 02, 2025
Iran-linked threat actor MuddyWater targeted multiple Israeli sectors with a new MuddyViper backdoor in recent attacks. ESET researchers uncovered a new MuddyWater campaign targeting Israeli organizations and one confirmed Egyptian target. The Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) deployed custom tools to evade defenses and maintain persistence. They used a Fooder loader, […]
Pierluigi Paganini
November 20, 2025
Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System (AIS) data shortly before an attempted missile strike, showing how Tehran-aligned groups use cyber operations to support and amplify real-world kinetic attacks. The research demonstrates that […]
Pierluigi Paganini
August 30, 2025
Lab Dookhtegan hacking group allegedly disrupted communications of 60 Iranian ships run by sanctioned firms NITC and IRISL. The hacking group Lab Dookhtegan allegedly disrupted the communications of 60 Iranian ships. The attack hit at least 39 tankers and 25 cargo ships operated by Iranian maritime companies National Iranian Oil Tanker Company and Iran Shipping Lines, which […]
Pierluigi Paganini
August 12, 2025
Researchers at cybersecurity firm Profero cracked DarkBit ransomware encryption, allowing victims to recover files for free. Good news for the victims of the DarkBit ransomware, researchers at cybersecurity firm Profero cracked the encryption process, allowing victims to recover files for free without paying the ransom. However, at this time, the company has yet to release […]
Pierluigi Paganini
July 01, 2025
U.S. warns of rising Iranian cyber threats exploiting outdated software and weak passwords, with attacks likely to escalate due to recent events. U.S. cybersecurity and intelligence agencies warn of rising cyber threats from Iranian state-linked hackers, expected to escalate. These actors typically exploit outdated software, known vulnerabilities, and weak or default passwords on internet-connected systems. […]
Pierluigi Paganini
June 27, 2025
Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked group APT42 (aka Educated Manticore, Charming Kitten, and Mint Sandstorm) is targeting Israeli journalists, cybersecurity experts, and academics with phishing attacks, posing as security professionals to steal email credentials and 2FA codes, according to Check Point. […]
