Apt news

The Pakistan-aligned hacking group SideCopy is reportedly targeting Afghanistan's Ministry of Finance. The cyber-espionage campaign uses spear-phishing emails containing a ZIP archive. Inside is a malicious LNK file with a Pashto filename, which deploys an open-source remote access trojan called Xeno RAT to compromise systems.

A new report from Symantec and Carbon Black links the Iranian hacking group MuddyWater to a recent espionage campaign. The activity, observed in early 2026, targeted at least nine organizations across nine countries, including sectors like manufacturing, education, public sector bodies, and financial and professional services.