Boggy Serpens Threat Assessment

The Iranian threat group Boggy Serpens, linked to the Ministry of Intelligence and Security, has refined its cyberespionage tactics to focus on trusted relationship compromises and multi-wave targeting of strategic organizations. The group combines social engineering with AI-enhanced malware for long-term persistence, primarily targeting diplomatic and critical infrastructure sectors. Recent campaigns show increased technological capabilities, including AI-generated code and Rust-based tools. Boggy Serpens exploits hijacked accounts to bypass security measures and employs a secondary social engineering prompt to deliver malware. The group's determination is exemplified by a sustained four-wave campaign against a UAE marine and energy company, demonstrating its focus on infiltrating regional maritime infrastructure.

Pulse ID: 69b91b4202446dd5143da7c3
Pulse Link: https://otx.alienvault.com/pulse/69b91b4202446dd5143da7c3
Pulse Author: AlienVault
Created: 2026-03-17 09:13:38

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Cyberespionage #Espionage #ICS #InfoSec #Iran #Malware #OTX #OpenThreatExchange #RAT #Rust #SocialEngineering #UAE #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Infostealer infection exposed a DPRK-linked cyber operation.
Key findings:
• Polyfill.io supply-chain attack linked to actor
• Infiltration of crypto exchange Gate.us
• Crypto laundering via Telegram bots
• Espionage targeting Japan’s NIMS
Follow TechNadu for cybersecurity threat intelligence updates.

Source: https://www.hudsonrock.com/blog/6262

#InfoSec #ThreatIntel #CyberEspionage #SupplyChainAttack

iPhones and iPads Approved for NATO Classified Data

Apple announcement:
…iPhone and iPad are the first and only consumer devices in compliance with the infor... https://www.schneier.com/blog/archives/2026/03/iphones-and-ipads-approved-for-nato-classified-data.html

#cyberespionage #dataprotection #Uncategorized #smartphones #iPhone #Apple #iPad

iPhones and iPads Approved for NATO Classified Data - Schneier on Security

Apple announcement: …iPhone and iPad are the first and only consumer devices in compliance with the information assurance requirements of NATO nations. This enables iPhone and iPad to be used with classified information up to the NATO restricted level without requiring special software or settings—a level of government certification no other consumer mobile device has met. This is out of the box, no modifications required. Boing Boing post.

Schneier on Security

Iran’s MOIS-linked cybercrime operations highlight how state actors blur lines between espionage, crime, and disruption. In cyberspace, attribution and intent rarely come clean. 🕵️‍♂️⚠️ #NationState #CyberEspionage

https://www.theregister.com/2026/03/10/cybercrime_iran_mois/

Cybercrime isn't just a cover for Iran's government goons - it's a key part of their operations

Ransomware, malware-as-a-service, infostealers benefit MOIS, too

The Register

Russian hackers target officials via WhatsApp and Signal

Cyber spies are posing as a fake Signal support chatbot to gain access to government officials’ messages.

POLITICO

PlugX Meeting Invitation via MSBuild and GDATA

A recent PlugX campaign utilized phishing emails with a 'Meeting Invitation' lure to deploy malware through DLL side-loading. The infection chain begins with a zip file containing a malicious .csproj file and MSBuild executable. The .csproj file downloads three components: a legitimate G DATA Antivirus executable, a malicious Avk.dll (PlugX variant), and an encrypted AVKTray.dat file. The malware uses DLL side-loading, API hashing, and XOR encryption for obfuscation. It establishes persistence via the Run registry key and communicates with a command and control server. The campaign showcases PlugX's continued evolution while maintaining its core characteristics, highlighting its ongoing relevance in cyber-espionage operations.

Pulse ID: 69a3ce16b33dca316675f3f3
Pulse Link: https://otx.alienvault.com/pulse/69a3ce16b33dca316675f3f3
Pulse Author: AlienVault
Created: 2026-03-01 05:26:46

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Email #Encryption #Espionage #ICS #InfoSec #MSBuild #Malware #OTX #OpenThreatExchange #Phishing #PlugX #RAT #ZIP #bot #cyberespionage #AlienVault

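The PlugX pulse above names three observable stages: MSBuild building a .csproj dropped from a zip, a legitimate vendor executable side-loading a malicious DLL beside it, and persistence through a Run registry value. The detection logic below is an added example, written here and not taken from the pulse or from any vendor, that applies those three checks to Sysmon-style process-create, image-load and registry-set events. The events are constructed inline; the field names, the vendor binary name (gdata_tool.exe), the project file name (Meeting.csproj) and the Run value name are assumptions for illustration, while Avk.dll is the DLL name the pulse reports.

```python
"""Detections for the PlugX chain: MSBuild on a .csproj in a user-writable path,
an unsigned DLL side-loaded from the host's own non-install directory, and a
Run-key value pointing into a user-writable path. Added example; events are
constructed in a Sysmon-like shape and all names below are assumptions."""
import re

# Locations an unprivileged user can write to (assumption: tune per estate).
USER_WRITABLE = re.compile(
    r"^[a-z]:\\(users\\[^\\]+\\(appdata|downloads|desktop)|windows\\temp|programdata)\\",
    re.IGNORECASE,
)
# Where installed software lives; a vendor binary running elsewhere is suspicious.
INSTALL_DIRS = re.compile(r"^[a-z]:\\program files( \(x86\))?\\", re.IGNORECASE)
WIN_PATH = re.compile(r'[a-z]:\\[^"\s]+', re.IGNORECASE)


def parent_dir(path):
    return path.rsplit("\\", 1)[0].lower()


def detect_msbuild_csproj(ev):
    """Sysmon EventID 1: MSBuild.exe building a .csproj outside a build tree."""
    if ev["EventID"] != 1 or not ev["Image"].lower().endswith("\\msbuild.exe"):
        return None
    for path in WIN_PATH.findall(ev["CommandLine"]):
        if path.lower().endswith(".csproj") and USER_WRITABLE.match(path):
            return ("msbuild_csproj_userwritable", path)
    return None


def detect_sideload(ev):
    """Sysmon EventID 7: unsigned DLL from the host's own dir, host outside install dirs."""
    if ev["EventID"] != 7:
        return None
    host, dll = ev["Image"], ev["ImageLoaded"]
    if parent_dir(host) == parent_dir(dll) and not ev["Signed"] and not INSTALL_DIRS.match(host):
        return ("dll_sideload_from_host_dir", f"{host} -> {dll}")
    return None


def detect_run_key(ev):
    """Sysmon EventID 13: Run-key value whose data points into a user-writable path."""
    if ev["EventID"] != 13 or "\\currentversion\\run\\" not in ev["TargetObject"].lower():
        return None
    for path in WIN_PATH.findall(ev["Details"]):
        if USER_WRITABLE.match(path):
            return ("run_key_userwritable", f"{ev['TargetObject']} = {path}")
    return None


DETECTORS = (detect_msbuild_csproj, detect_sideload, detect_run_key)


def run_detections(events):
    """Return (rule, detail) hits in event order."""
    hits = []
    for ev in events:
        for det in DETECTORS:
            hit = det(ev)
            if hit:
                hits.append(hit)
    return hits


# Constructed sample telemetry (assumed paths and names).
STAGE = r"C:\Users\alice\AppData\Local\Temp\Meeting_Invitation"
SAMPLE_EVENTS = [
    # benign: developer build from a source tree
    {"EventID": 1, "Image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
     "CommandLine": r'MSBuild.exe "C:\src\app\app.csproj" /t:Build'},
    # lure: MSBuild copied out of the zip builds the dropped .csproj from %TEMP%
    {"EventID": 1, "Image": STAGE + r"\MSBuild.exe",
     "CommandLine": f'"{STAGE}\\MSBuild.exe" "{STAGE}\\Meeting.csproj"'},
    # side-load: vendor binary (name assumed) loads unsigned Avk.dll beside it
    {"EventID": 7, "Image": STAGE + r"\gdata_tool.exe",
     "ImageLoaded": STAGE + r"\Avk.dll", "Signed": False},
    # benign: same binary from its install dir loading its own signed DLL
    {"EventID": 7, "Image": r"C:\Program Files\G DATA\gdata_tool.exe",
     "ImageLoaded": r"C:\Program Files\G DATA\Avk.dll", "Signed": True},
    # persistence: Run value (name assumed) pointing at the staging directory
    {"EventID": 13,
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\AVKTray",
     "Details": f'"{STAGE}\\gdata_tool.exe"'},
]

if __name__ == "__main__":
    for rule, detail in run_detections(SAMPLE_EVENTS):
        print(f"{rule}: {detail}")
```

The side-load check deliberately keys on location rather than on a list of known abused vendor binaries: any signed host running outside an install directory and loading an unsigned DLL from its own folder is worth a look, which also catches the next renamed copy of the lure. The user-writable path list is the main tuning knob; an estate that builds software in %TEMP% will need a narrower rule for the MSBuild check.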

Counterintelligence case with aerospace implications.

A former U.S. Air Force Major is charged with allegedly conspiring to provide combat aircraft training to China’s military, coordinating with Stephen Su Bin - previously convicted in a cyber espionage case involving Boeing’s C-17 transport aircraft data.

Alleged violations include:
• International Traffic in Arms Regulations (ITAR)
• Unauthorized defense services export
• Foreign military engagement without licensing
• Historical linkage to aerospace cyber intrusion campaigns
The case underscores the convergence of:
– Human intelligence recruitment
– Cyber espionage legacy actors
– Defense contractor ecosystems
– Export control enforcement challenges
How should compliance programs at defense contractors adapt to mitigate insider expertise risks post-employment?

Engage in the comments.
Follow TechNadu for high-signal infosec and national security reporting.

Source: https://therecord.media/former-air-force-officer-arrested-for-working-with-hacker-flight-training-china

Repost to broaden awareness within the security community.

#Infosec #Counterintelligence #ITAR #AerospaceSecurity #DefenseCompliance #CyberEspionage #ThreatIntelligence #ExportControls #MilitaryTechnology #NationalSecurity

Greek court sentences Predator spyware gang

Greece’s “Predatorgate” scandal is one of Europe’s biggest political crises over the use of hacking software.

POLITICO