{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreigjsafay2q3m2osew3ntqxio2kmkv7fzstaliymhlerhleo2kprw4",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mmps7cozvd62"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreihze7hywn7i6m5fvohggizr5emdwvcctulep2ni2diqjuzhgdz4ru"
    },
    "mimeType": "image/webp",
    "size": 67930
  },
  "path": "/miniupdate-rat-uses-azure-hosted-c2-domains-in-iran-linked-espionage-campaigns/",
  "publishedAt": "2026-05-25T16:24:41.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "MiniUpdate RAT uses Azure-hosted C2 domains in Iran-linked espionage campaigns",
    "VPN Central"
  ],
  "textContent": "Unit 42 researchers have linked new MiniUpdate and MiniJunk V2 malware activity to Screening Serpens, an Iran-nexus espionage group also known as UNC1549, Smoke Sandstorm, and Iranian Dream Job. According to Unit 42’s research, the campaigns targeted entities in the United States, Israel, and the United Arab Emirates, with likely additional targeting in the Middle […]\n\nThe post MiniUpdate RAT uses Azure-hosted C2 domains in Iran-linked espionage campaigns appeared first on VPN Central.",
  "title": "MiniUpdate RAT uses Azure-hosted C2 domains in Iran-linked espionage campaigns"
}