A subgroup of Iran-linked APT Phosphorus (Mint Sandstorm) has started to quickly adopt PoC exploit code targeting vulnerabilities in internet-facing applications.
Researchers say the Iran-linked threat actor used an adaptable modular malware framework and compromised IT service providers to reach high-value targets in Israel.