Advertisement
HIGH
Threat Intel
Handala Brand Evolution: Iran MOIS Shifts to Hybrid Physical Attacks
Iran’s MOIS expands the Handala brand into hybrid operations, combining cyber espionage with physical sabotage targeting U.S. and Israeli interests.
Runtime Rebel Intel
3 min read·Jun 2, 2026
TH
HIGH
Threat Intel
MuddyWater Exploits Microsoft Teams via Chaos Ransomware Decoy
Iranian APT MuddyWater utilizes Microsoft Teams social engineering and Chaos ransomware decoys to mask state-sponsored espionage operations.
Runtime Rebel Intel
3 min read·May 6, 2026
HIGH
Threat Intel
Iranian MOIS Collusion with Cybercriminals: Evolving Hybrid Threat
Iranian state-sponsored APTs, linked to MOIS, are now directly collaborating with cybercriminal organizations, escalating hybrid cyber operations. Defenders must adapt.
Runtime Rebel Intel
4 min read·Mar 13, 2026
_roibu_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
HIGH
Threat Intel
MuddyWater Deploys BugSleep Backdoor in Targeted Regional Campaigns
Iranian state actor MuddyWater introduces the custom BugSleep backdoor, targeting Middle Eastern and African entities using spear-phishing and RMM abuse.
Runtime Rebel Intel
4 min read·Feb 24, 2026