Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers
ID: bf2c3025-0e93-52fe-93bd-5414483e9f31
STIX ID: report--bf2c3025-0e93-52fe-93bd-5414483e9f31
Feed Name: Security Affairs
Threat Score
## Executive summary Check Point observed Iran-linked APT Nimbus Manticore (UNC1549) accelerate operations during Operation Epic Fury using career-themed phishing, trojanized Zoom installers, and for the first time SEO poisoning to deliver a new AI-assisted backdoor named MiniFast (replacing MiniJunk); the campaign targeted aviation, software, defense and telecom sectors across the US, Europe, Middle East and Africa and included IoCs and YARA rules.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.