Product
high
threat
Nimbus Manticore Resurfaces During Operation Epic Fury with New Techniques
2 rules 3 TTPsNimbus Manticore, an Iranian IRGC-affiliated threat actor, resurfaced during Operation Epic Fury, employing AppDomain Hijacking, SEO poisoning, and a new MiniFast backdoor while targeting the aviation and software sectors.
Setup.exe +3
Nimbus Manticore
nimbus-manticore
irgc
appdomain-hijacking
seo-poisoning
minijunk
minifast
infostealer
2r
3t
high
threat
Screening Serpens APT Targets Tech and Defense Sectors with New RATs
2 rules 3 TTPsThe Iranian APT group Screening Serpens targeted the tech and defense sectors in the U.S., Israel, and the UAE between February and April 2026, deploying six new RAT variants from the MiniUpdate and MiniJunk V2 malware families, using tailored social engineering lures and AppDomainManager hijacking.
MiniUpdate +2
Screening Serpens
APT
Iran
RAT
MiniJunk
DLL Sideloading
AppDomainManager
Cyberespionage
2r
3t