Cyber (In)Security and Surveillance

Iran’s MuddyWater Hackers Hit US Firms with New ‘Dindoor’ Backdoor

(Kevin Poireault – Infosecurity Magazine) Several US companies have been targeted by Iranian hacking group MuddyWater in a new campaign that started in early February and has continued after the US and Israeli military strikes on Iran. The campaign was detected by the Threat Hunter Team at Broadcom’s Symantec and Carbon Black. The potential victims include a US bank, a US airport, non-governmental organizations in both the US and Canada and the Israeli operation of a US software company that supplies the defense and aerospace sectors. Each of these organizations has experienced suspicious activity on their networks in recent days and weeks, said the Threat Hunter Team in a March 5 report. The campaign involves a previously unknown backdoor, dubbed ‘Dindoor’ by the cyber threat researchers. – https://www.infosecurity-magazine.com/news/iran-muddywater-hackers-us-firms/

Digital Psychological Warfare: How the Weaponization of Digital Platforms Threatens Minds, Markets, and Modern Institutions

(Tarnveer Singh – Infosecurity Magazine) Digital psychological warfare has become one of the most urgent and least understood threats facing modern organisations. This is explored in my new book, Digital Psychological Warfare: Weaponization of Digital Platforms. The weaponization of digital platforms is no longer confined to geopolitical conflict or fringe extremist groups. It now permeates mainstream social networks, workplace collaboration tools, customer‑facing platforms, and even AI‑driven systems. For C‑suite executives, policymakers, and researchers, the challenge is clear: psychological harm is being engineered, amplified, and automated at scale—and organisations must be prepared to defend their people. – https://www.infosecurity-magazine.com/opinions/digital-psychological-warfare/

AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns

(Danny Palmer – Infosecurity Magazine) The risk of insider threats is on the rise and businesses are concerned about the cybersecurity implications of intentionally malicious or negligent employees, research by Mimecast has warned. According to the company’s State of Human Risk Report 2026, internal cybersecurity risk has grown across the board, to the extent that it should be treated as a “critical business threat.” In many cases, the additional insider risk is because of employees mishandling or actively abusing AI tools. – https://www.infosecurity-magazine.com/news/ai-insider-risk-critical-business/

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

(Pierluigi Paganini – Security Affairs) Microsoft revealed a new ClickFix campaign where attackers exploit Windows Terminal to run a complex attack chain, ultimately deploying Lumma Stealer malware. The campaign uses social engineering to trick users into executing malicious commands, highlighting growing risks to Windows environments. In February 2026, Microsoft Defender experts uncovered a widespread ClickFix campaign exploiting Windows Terminal. The researchers noticed that instead of the usual Run dialog method, attackers guide users to launch Terminal via Windows + X → I, creating a trusted-looking admin environment. This bypasses Run-dialog detections while prompting targets to paste malicious PowerShell commands from fake CAPTCHAs, troubleshooting prompts, or verification-style lures, blending the attack seamlessly into routine Windows workflows. – https://securityaffairs.com/189046/malware/microsoft-warns-of-clickfix-campaign-exploiting-windows-terminal-for-lumma-stealer.html

Iran-nexus APT Dust Specter targets Iraq officials with new malware

(Pierluigi Paganini – Security Affairs) Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Specter to a campaign targeting Iraqi government officials. Threat actors impersonated the country’s Ministry of Foreign Affairs in phishing messages that delivered previously unseen malware, including SPLITDROP, TWINTASK, TWINTALK, and GHOSTFORM, through multiple infection chains. “In January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq,” reads the report published by Zscaler. “Due to significant overlap in tools, techniques, and procedures (TTPs), as well as victimology, between this campaign and activity associated with Iran-nexus APT groups, ThreatLabz assesses with medium-to-high confidence that an Iran-nexus threat actor conducted this operation. ThreatLabz tracks this group internally as Dust Specter.” The researchers analyzed two attack chains used in the Dust Specter campaign targeting Iraqi officials. – https://securityaffairs.com/189033/apt/iran-nexus-apt-dust-specter-targets-iraq-officials-with-new-malware.html

U.S. CISA adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog

(Pierluigi Paganini – Security Affairs) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities (KEV) catalog. – https://securityaffairs.com/189005/security/u-s-cisa-adds-apple-rockwell-and-hikvision-flaws-to-its-known-exploited-vulnerabilities-catalog.html

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

(Pierluigi Paganini – Security Affairs) Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While slightly below the 100 observed in 2023, the number increased from 78 in 2024, with researchers noting a rising trend of attacks specifically targeting enterprise technologies and corporate infrastructure. – https://securityaffairs.com/188993/security/google-gtig-90-zero-day-flaws-exploited-in-2025-as-enterprise-targets-grow.html
