Tag: proxyshell

2 Attack Reports | 0 Vulnerabilities

Attack reports

APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets

An internal leak from APT35 (Charming Kitten) reveals a sophisticated, state-directed cyber-intelligence operation targeting diplomatic, government, and corporate networks in the Middle East and Asia. The documents expose a bureaucratic structure with defined workflows, performance metrics, and spe…
phishing
iran
cyberespionage
proxyshell
middle east
intelligence collection
exchange
2025-11-22
irgc
herv phishing kit
powershort
rat-2ac2
Published: November 22, 2025
Downloadable IOCs: 1

ProxyLogon and ProxyShell Used to Target Government Mail Servers in Asia, Europe, and South America

This analysis describes the identification of a server likely exploiting ProxyLogon and ProxyShell vulnerabilities to gain unauthorized access to government email servers across Asia, Europe, and South America. The threat actor leveraged open-source exploit code to infiltrate systems and steal sens…
python
powershell
CVE-2021-34473
2024-07-05
proxyshell
CVE-2021-31207
CVE-2021-34523
microsoft exchange
Published: July 5, 2024
Downloadable IOCs: 4
Click here to see more Attack Reports