Vendor

Azure

2 briefs RSS

Screening Serpens APT Targets Tech and Defense Sectors with New RATs

The Iranian APT group Screening Serpens targeted the tech and defense sectors in the U.S., Israel, and the UAE between February and April 2026, deploying six new RAT variants from the MiniUpdate and MiniJunk V2 malware families, using tailored social engineering lures and AppDomainManager hijacking.

MiniUpdate +2 Screening Serpens APT Iran RAT MiniJunk DLL Sideloading AppDomainManager Cyberespionage

2r 3t 4w ago

high advisory

Kubernetes Pod Exec Cloud Instance Metadata Access

2 rules 2 TTPs

Detection of Kubernetes pod exec sessions accessing cloud instance metadata endpoints, indicating potential credential theft from AWS, GCP, or Azure.

AWS IMDS +2 kubernetes cloud credential_access execution

2r 2t Jan 3, 2024