A never-before-seen threat activity cluster codenamed UNK_SmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel.

"UNK_SmudgedSerpent leveraged domestic political lures, including societal change in Iran and investigation into the militarization of the Islamic Revolutionary Guard Corps (IRGC)," Proofpoint security researcher Saher Naumaan said in a new report shared with The Hacker News.

The enterprise security company said the campaign shares tactical similarities with that of prior attacks mounted by Iranian cyber espionage groups like TA455 (aka Smoke Sandstorm or UNC1549), TA453 (aka Mint Sandstorm or Charming Kitte

See Full Page