Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

Published: 0 month ago (April 6, 2026 at 02:37 PM EDT)

1 min read

Source: The Hacker News

Overview

An Iran‑nexus threat actor is suspected to be behind a password‑spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid the ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point.

“The campaign is primarily …”

Back to Blog

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

Threat actors likely associated with the Democratic People’s Republic of Korea DPRK have been observed using GitHub as command‑and‑control C2 infrastructure in...

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid‑2025, following a two‑year period of minimal targe...

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large‑scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database creden...

The State of Trusted Open Source Report

In December 2025, we shared the first‑ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open‑source co...

Overview

Related posts

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

The State of Trusted Open Source Report