The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on Microsoft Teams social engineering to gain access and establish persistence. […]
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false flag” operation.
The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence. Although the incident
The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence. Although the incident
Iranian APT Intrusion Masquerades as Chaos Ransomware Attack
Likely perpetrated by MuddyWater, the attack combined social engineering, persistence, credential harvesting, and data theft.
The post Iranian APT Intrusion Masquerades as Chaos Ransomware Attack appeared first on SecurityWeek.
Webinar: Why network incidents escalate and how to fix response gaps
Most network incidents don’t escalate due to a lack of alerts; they escalate when response breaks down. This webinar explores how to fix gaps in triage, enrichment, and coordination. […]
The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open
For nearly 20 years, we at The Hacker News have mostly told scary stories about cyberspace — big hacks, broken systems, and new threats.
But behind every headline, there’s a quieter, better story.
It’s the story of leaders making tough calls under pressure, teams building smarter defenses, and security products that keep hunting threats 24/7 — even when it’s hard.
Most of the time, this work is
But behind every headline, there’s a quieter, better story.
It’s the story of leaders making tough calls under pressure, teams building smarter defenses, and security products that keep hunting threats 24/7 — even when it’s hard.
Most of the time, this work is
Romanian Extradited to US for Role in Hacking Scheme 17 Years Ago
Gavril Sandu, 53, was indicted in 2017, but was arrested and extradited to the United States only in 2026.
The post Romanian Extradited to US for Role in Hacking Scheme 17 Years Ago appeared first on SecurityWeek.
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of governance policy controls.” Enterprise leaders can request access to the Gartner Market Guide for
CISA: Critical Infrastructure Must Master Isolation, Recovery
The agency has issued guidance to help critical infrastructure operators prepare for cyberattacks by foreign threat actors.
The post CISA: Critical Infrastructure Must Master Isolation, Recovery appeared first on SecurityWeek.
Sophisticated Quasar Linux RAT Targets Software Developers
The persistent, evasive implant provides remote access, surveillance, and credential exfiltration capabilities.
The post Sophisticated Quasar Linux RAT Targets Software Developers appeared first on SecurityWeek.
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. […]