Latest Internet & Cybersecurity News

March 7, 2026 at 1:00 AM
Cyber threats escalate amid Iran-Israel conflict as Iranian groups form collectives targeting critical infrastructure, while law enforcement dismantles major cybercrime forum LeakBase.
1. Iran-Linked MuddyWater Hackers Deploy New Dindoor Malware Against U.S. Networks

State-sponsored Iranian group MuddyWater, affiliated with the Ministry of Intelligence and Security (MOIS), has breached U.S. networks using new Dindoor malware, with activity beginning in early February and escalating following U.S. and Israeli military strikes [Source 6]. The campaign specifically targeted a software company supplying defense and aerospace industries with operations in Israel [Source 6].

2. Law Enforcement Dismantles LeakBase Cybercrime Forum in Coordinated International Operation

The FBI and international partners across 14 countries conducted Operation Leak on March 3-4, 2026, dismantling LeakBase, a major cybercrime marketplace with over 142,000 members that facilitated the sale of stolen data and hacking tools [Source 4]. The operation resulted in 37 arrests and targeted the platform's most active users, with roughly 100 enforcement actions conducted worldwide [Source 4].

3. Wave of Low-Level Cyber Activity Expected Against U.S. State and Local Governments

Intelligence group MS-ISAC warned government agencies to prepare for increased cyber attacks as Iranian and Russian-aligned hacktivist groups form a 'collective' with enhanced targeting capabilities [Source 1, Source 8]. Palo Alto Networks' Unit 42 reported a 'surge' in activity involving as many as 60 politically motivated cyber groups [Source 1].

4. Iranian Cyber Groups Demonstrate Activation and Rapid Retooling for Retaliation

Iranian state-sponsored APT groups including MuddyWater, Charming Kitten, OilRig, Elfin, and Fox Kitten have shown 'clear signs of activation and rapid retooling' for retaliatory operations, with cyber capabilities representing one of Iran's most accessible asymmetric tools [Source 6]. These groups are positioning themselves to target Gulf states and U.S. interests [Source 6].

5. Critical Infrastructure Vulnerabilities Exposed as AWS Data Centers Suffer Damage

Amazon Web Services data facilities in the United Arab Emirates and Bahrain experienced damage that drove global service outages, with Google, Microsoft, and Oracle cloud infrastructure also at risk [Source 1, Source 8]. The incidents highlight vulnerabilities in critical 'soft targets' including undersea cables, internet exchange points, and cloud infrastructure across the region [Source 1].

6. Russian-Led Cyber Campaign Targets Ukraine With New BadPaw and MeowMeow Malware

Cybersecurity experts identified a new Russian-led campaign targeting Ukrainian organizations involving two previously unknown malware families, BadPaw and MeowMeow, delivered through phishing emails containing fake border crossing documents [Source 4]. The malware includes a backdoor allowing remote control of infected devices while evading detection through system age verification [Source 4].

7. Hacktivist Groups Routing Operations Through Starlink to Target IP Cameras in Middle East

Pro-Palestinian hacktivist group Handala Hack has been routing cyber operations through Starlink IP ranges to probe externally facing applications in Israel and Gulf countries including the U.A.E., Qatar, Bahrain, and Kuwait [Source 6]. The group is exploiting vulnerabilities in Dahua and Hikvision IP cameras as regional cyber tensions escalate [Source 6].

8. Shipping Lanes and Energy Markets Threatened by Iranian Cyber and Military Operations

Iran is targeting civilian shipping vessels and tankers in addition to cyber infrastructure, with partial closures of shipping lanes potentially triggering cascading effects on crude oil prices and technology supply chains [Source 1, Source 8]. Analysts are monitoring increases in reported cyber incidents targeting utilities, ports, and logistics companies as key escalation indicators [Source 5].

9. Z-Pentest Hacktivist Group Targets U.S. ICS and SCADA Systems Following Military Operations

Pro-Russia hacktivist group Z-Pentest claimed responsibility between February 28 and March 2, 2026 for compromising U.S.-based entities including Industrial Control Systems, SCADA systems, and multiple CCTV networks, with timing suggesting escalated focus on U.S. targets [Source 6]. CrowdStrike analysts assess the unverified claims coincide with broader regional conflict escalation [Source 6].

10. VPNs and Remote Desktop Applications Remain Primary Entry Points for Ransomware Attacks

VPNs appeared in 59% of ransomware incidents where compromised technology was confirmed, with exposed VPN login panels increasing incident likelihood three to four times compared to protected systems [Source 10]. Remote desktop applications accounted for 14% of ransomware entry points, with exposure increasing incident risk three to eight times [Source 10].

11. Pentagon Faces Controversy Over AI Chatbot Use in Military Operations Amid Security Concerns

The Pentagon tested Anthropic's Claude chatbot for analyzing military data, but a dispute emerged over using Claude for mass surveillance of civilians and autonomous weapons, which Anthropic refused [Source 7]. U.S. Defense Secretary Pete Hegseth subsequently declared Anthropic a 'national security risk' over the refusal to enable these military applications [Source 7].