Iranian APT Targets Aviation, Software Companies With Updated Tools

Tuesday, May 26, 2026 at 01:26 PM UTC·Source: SecurityWeek

Updated: Tuesday, May 26, 2026 at 02:00 PM UTC

Executive Summary

Nimbus Manticore has continued its operations during and after the US military campaign against Iran. The post Iranian APT Targets Aviation, Software Companies With Updated Tools appeared first on SecurityWeek .

Analysis

Source Attribution

Originally published by SecurityWeek on May 26, 2026.

Related Threats

CRITICALRansomware

Stop treating AI governance as a review layer. Make it release infrastructure

I’ve spent years building compliance into security products. FedRAMP and Department of War Impact Level authorizations, vulnerability management pipelines: They all follow the same pattern. Build the product, then prove it meets requirements. The compliance layer sits outside the engineering workflow. It reviews what already exists. That model worked when the product stayed static between audits.

6h agoCSO Online

LOWApt

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026. The activity, besides embracing

8h agoThe Hacker News

CRITICALRansomware

Vulnerabilities have become cyber attackers’ No. 1 door to the enterprise

Patching practices are coming under intense pressure of late, as time-to-exploit windows accelerate — a new reality likely to worsen as AI assistance in attack chains rises. Now cyber defenders have another cause for flaw alarm: Vulnerability exploitation has significantly pulled away from stolen credentials as the most common entry point in security breaches, according to the latest edition of Ve

8h agoCSO Online