Iran-linked APT targets US critical sectors with new backdoors - Help Net Security

An Iran-linked APT group, known as Seedworm, has been actively targeting US critical sectors, including a bank, an airport, and a software company, since early February 2026. The group is utilizing new backdoors named Dindoor and Fakeset, with the apparent goal of espionage and data exfiltration.