VulnHub

Real-time Cybersecurity News

AI tapped by Iranian hackers in protest-aimed cyberattacks

SCM feed for Latest
Actively Exploited
Critical

Overview

Iranian hackers have utilized artificial intelligence to carry out cyberattacks targeting individuals and organizations that have reported on human rights abuses amid ongoing protests in the country. This campaign, known as RedKitten, aims to intimidate and silence voices critical of the Iranian government. The use of large language models in these attacks indicates a shift in tactics, as attackers look to enhance their capabilities in spreading misinformation and conducting surveillance. Those affected include non-governmental organizations, activists, and journalists who are documenting the protests and human rights violations. This development raises significant concerns about the intersection of technology and state-sponsored aggression, particularly in how it can stifle dissent and manipulate narratives during critical social movements.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Individuals and non-governmental organizations reporting human rights abuses in Iran.
  • Action Required: Organizations should enhance their cybersecurity measures, including employee training on recognizing phishing attempts and employing robust monitoring tools to detect unusual activities.
  • Timeline: Ongoing since recent protests began in 2022

Original Article Summary

AI tapped by Iranian hackers in protest-aimed cyberattacks Iran-linked threat actors have leveraged large language models to underpin cyberattacks aimed at individuals and non-governmental organizations reporting human rights abuses during nationwide protests as part of the RedKitten campaign, according to The Hacker News.

Impact

Individuals and non-governmental organizations reporting human rights abuses in Iran.

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Ongoing since recent protests began in 2022

Remediation

Organizations should enhance their cybersecurity measures, including employee training on recognizing phishing attempts and employing robust monitoring tools to detect unusual activities.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Critical.

Read Original Article

Related Coverage

Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos

SecurityWeek

360 Digital Security Group, a Chinese cybersecurity firm, claims to have identified 1,000 vulnerabilities using artificial intelligence. This includes findings from the Tianfu Cup hacking contest, which is known for showcasing talent in cybersecurity. The firm's assertion raises eyebrows as it draws comparisons to previous claims made by Claude Mythos, a controversial figure in the cybersecurity space. The significance of these findings lies in the potential implications for software and systems security, as vulnerabilities can be exploited by malicious actors. Companies and developers should take note of these claims and assess their products for the identified vulnerabilities to bolster their defenses.

Apr 23, 2026

If cyber espionage via HDMI worries you, NCSC built a device to stop it

Help Net Security

The National Cyber Security Centre (NCSC) has introduced a new device called SilentGlass, aimed at preventing cyber espionage through HDMI and DisplayPort connections. This plug-and-play tool addresses concerns that monitors can be exploited by attackers to access sensitive data, as they often process and store such information. By securing these display links, SilentGlass provides a protective measure for governments and businesses against potential cyber threats. The NCSC emphasizes the need for enhanced security in this area, given the increasing risks posed by malicious activities targeting display devices. This development is particularly relevant as organizations look for effective ways to safeguard their data from evolving cyber threats.

Apr 23, 2026

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

SecurityWeek

Recent research from Abnormal AI indicates a shift in how cyber attackers operate. Instead of relying on technical exploits, they are now targeting established workflows and the trust that exists within organizations. This means that attackers are using social engineering tactics to manipulate employees into compromise, effectively weaponizing the very relationships that businesses rely on. This trend raises concerns for companies as it highlights the vulnerability of internal processes and trust dynamics. Organizations need to reassess their security measures to address this evolving threat, as traditional defenses may not be sufficient to combat these new tactics.

Apr 23, 2026

AI-driven attacks target governments, cloud agents, supply chains

SCM feed for Latest

Recent research from OWASP reveals that AI-driven attacks are increasingly targeting critical sectors, including government agencies, cloud service providers, and supply chains. These sophisticated attacks leverage artificial intelligence to automate and enhance their effectiveness, making them harder to detect and prevent. The impact of these attacks is significant, as they can compromise sensitive data and disrupt essential services. Organizations in the affected sectors need to be vigilant and adopt stronger security measures to defend against these evolving threats. As AI technology continues to advance, the risk of such attacks is likely to grow, necessitating a proactive approach to cybersecurity.

Apr 23, 2026

Cyber-Attacks Surge 63% Annually in Education Sector

Infosecurity Magazine

According to a report from Quorum Cyber, educational institutions, both higher and further education, have seen a significant rise in cyber-attacks, with incidents increasing by 63% over the past year. This surge in attacks poses serious risks to the sensitive data of students and staff, as well as the integrity of educational operations. Cybercriminals are increasingly targeting schools and universities, exploiting vulnerabilities that may arise from outdated systems or inadequate security measures. The findings serve as a wake-up call for educational institutions to bolster their cybersecurity defenses and protect against potential breaches. As these attacks grow more frequent, the need for proactive security measures becomes even more urgent.

Apr 23, 2026

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

SecurityWeek

Researchers at Palo Alto Networks have introduced a new tool named Zealot, designed for penetration testing in cloud environments. This AI-driven system can perform tasks such as reconnaissance, exploitation, and data exfiltration with minimal human intervention. The implications of this technology are significant, as it could potentially enable attackers to automate hacking processes, making it easier for them to compromise cloud systems. Companies that rely on cloud infrastructure should be aware of this development, as it raises concerns about the security of their data and systems. The ability of AI to autonomously conduct cyberattacks underscores the need for enhanced security measures and vigilance in cloud environments.

Apr 23, 2026