MuddyWater Archivi

New attacks in Italy, novel APT operations, reported data breaches

Italy: multiple malicious activities observed A phishing campaign has been detected in Italy leveraging the name of the Agenzia delle Entrate–Riscossione with the aim of stealing login credentials belonging to...

Cyber operations in the Iranian conflict, attacks in Italy, developments in the APT landscape

16 Mar

Iran: cyberattacks in the context of the conflict Within the context of the escalation between the United States, Israel, and Iran, the cyber domain continues to represent a significant operational...

Developments in the APT landscape, new campaigns and previously unseen malware, multiple data breaches reported

18 Jan

APT: North Korean, Iranian, and Ukraine-focused operations tracked Between August and November 2025, security researchers identified a new campaign by the North Korean group ScarCruft, dubbed Artemis, aimed at distributing...

Updates on React2Shell exploitation, the latest from Beijing and Tehran, new attacks in Italy

12 Dec

React2Shell: EtherRAT and other malware delivered in state-sponsored and cybercrime activity During a recent attack based on the exploitation of the critical vulnerability CVE-2025-55182 (known as React2Shell), security researchers identified...

Phishing and ransomware in Italy, global data breaches, new state-sponsored operations

09 Dec

Italy: offensive cybercrime hits the country A new phishing campaign targeting Italian users has been identified, leveraging the name and visual identity of the Italian Government and the Presidency of...

APT operational developments, malware families and variants, new cybercrime ecosystems, and methods of compromise

27 Oct

APT: new toolkits and TTPs from state-sponsored adversaries In the state-sponsored landscape, this week saw new tactics and tools from various APTs. The Indian Bitter sent phishing emails targeting diplomatic...