What happened
Iran-linked threat group Scarred Manticore launched a new wave of attacks on Israeli organizations. The campaign used hijacked edge devices and advanced backdoors to gain long-term access to targeted networks.
Who is affected
Energy companies in Israel face the highest risk, along with other critical infrastructure and government-adjacent sectors that rely on exposed network appliances.
Why CISOs should care
The attackers used stealthy malware, persistence techniques, and infected edge devices. These methods bypass traditional controls and make detection harder. The campaign also shows a continued focus on industrial and national infrastructure, which raises the stakes for defenders.
3 practical actions
- Audit internet-facing devices and apply the latest patches.
- Deploy strict monitoring for unusual outbound traffic and persistence activity.
- Review incident response playbooks for edge device compromise and long-term intrusion scenarios.
