The Israeli National Digital Agency has reported that the Iranian threat actor APT42 is currently engaged in espionage targeting individuals and organizations valuable to the Islamic Revolutionary Guard Corps. Known as SpearSpecter, this campaign was first detected in early September 2025 and appears to be still active, suggesting a persistent threat to targeted entities.
APT42’s operations seem focused on gathering intelligence relevant to Iran’s national interests, particularly those associated with the IRGC. The details surrounding the methods and tools utilized by APT42 remain limited, yet the implications of their targets emphasize the importance of vigilance against state-sponsored cyber espionage. Organizations and individuals in sensitive sectors should enhance their cybersecurity defenses in light of this evolving threat.
👉 Pročitaj original: The Hacker News
