TI Mindmap HUB
Threat Intelligence Report

Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign

📅 May 19, 2026 📰 www.security.com 🔍 0 CVE(s) referenced

Iran-linked Seedworm (MuddyWater) launched a sophisticated global espionage campaign in early 2026, breaching at least nine organizations—including a major South Korean electronics manufacturer—by abusing signed binaries for stealthy DLL sideloading, orchestrating attacks via Node.js and PowerShell, and exfiltrating sensitive data through public file-transfer services.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle