Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

Monday, April 6, 2026 at 06:37 PM UTC·Source: The Hacker News

Updated: Monday, April 6, 2026 at 07:11 PM UTC

Executive Summary

An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point. "The campaign is primarily

Analysis

Source Attribution

Originally published by The Hacker News on Apr 6, 2026.

Related Threats

MEDIUMVulnerabilityNEW

Coinbase wins conditional approval for national trust bank charter

Coinbase is the latest digital asset firm to receive conditional approval from US regulators for a national trust bank charter.

Just nowFinextra

LOWVulnerabilityNEW

Businesses ready to embrace AI-to-AI commerce, consumers more wary - Visa survey

AI-to-AI commerce looks poised to scale, with more than half of US businesses willing to allow agents to negotiate prices and terms directly with other agents on their behalf, according to a survey from Visa.

Just nowFinextra

CRITICALVulnerabilityNEW

Trump's Budget Proposal Would Slash CISA After Bruising Year

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/trumps-budget-proposal-would-slash-cisa-after-bruising-year-image_small-6-a-31352.jpg" align=right hspace=4><b>White House Criticizes Cyber Defense Agency - and Proposes a Steep $700 Million Cut</b><br>The FY2027 proposal would cut roughly $707 million from CISA, reducing staffing, contractor support and coordination programs whil

36m agoBank Info Security