MuddyWater Exploits Langflow Flaw for Initial Access
CISA adds CVE-2025-34291 to KEV after Iranian APT MuddyWater weaponizes the CORS/CSRF chain for account takeover and RCE. CVSS 9.4 flaw requires only a malicious link click.
6 articles tagged with "Muddywater"
Iranian APT MuddyWater hijacked Microsoft Teams to harvest credentials via live screen-sharing, then dropped Chaos ransomware as a false flag to hide espionage. Rapid7 linked the campaign to 36 victims.
Iranian APT MuddyWater adopts Russian TAG-150 malware-as-a-service platform to deploy ChainShell RAT against Israeli targets. C2 addresses resolved via Ethereum smart contracts evade takedowns.
Iranian APT group breaches US critical infrastructure using novel Dindoor malware built on Deno runtime. Symantec links campaign to MOIS.
Iranian APT MuddyWater launches Operation Olalampo against MENA organizations, deploying four new malware families including GhostFetch and CHAR, a Rust backdoor controlled via Telegram.
Iranian APT group shifts tactics with RustyWater implant targeting diplomatic, financial, and telecom sectors across the Middle East via spear-phishing.