THE article discusses a critical cyber espionage campaign linked to the Iranian threat group, Screening Serpens, targeting nations including the U.S., Israel, and the UAE. Recently uncovered vulnerabilities, particularly CVE-2026-48172 associated with the LiteSpeed cPanel Plugin, highlight an urgent need for corporate network administrators to review security protocols. The attackers utilize advanced social engineering tactics, impersonating trusted companies to recruit victims, which leads to initial breaches.
Six new remote access Trojan (RAT) variants have emerged, enhancing the group's capabilities to harvest sensitive data and maintain control over infected networks. To counter these threats, organizations are advised to adapt their defenses, particularly in detecting sophisticated evasion techniques.