An Iranian government-backed threat organization has been linked to a prolonged cyber incursion targeting vital national infrastructure (CNI) in the Middle East, which persisted for almost two years.
The engagement, which continued from at least May 2023 to February 2025, involved “comprehensive surveillance operations and suspected network positioning – a strategy frequently employed to ensure ongoing access for future exploitation.”