Daily Security Briefing #110

December 21, 2025 | Read Online

Iranian Infy APT’s return, new malware campaigns, expanded attack targets…

Executive Summary

After years of dormancy, the Iranian hacking group Infy, also known as Prince of Persia, has resumed operations with fresh malware campaigns. This resurgence signals a possible shift or escalation in regional cyber threats, targeting entities across Europe and the Middle East. Analysts are noting that Infy’s recent activity appears broader and potentially more impactful than initially thought. Organizations in the Netherlands, Sweden, and Turkey should heighten their vigilance as the threat landscape continues to evolve rapidly.

Top Articles

Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
Threat researchers have identified renewed cyber operations from the Iranian threat group Infy, resurfacing nearly five years after last known activity. Originally tracked targeting victims in Sweden, the Netherlands, and Turkey, the group’s recent campaigns indicate increased scale and sophistication. According to SafeBreach’s VP of Security Research, Tomer Bar, the extent of Prince of Persia’s current operations is more significant than previously expected, underscoring a heightened cyber threat environment in the region.
TheHackerNews

AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.