This Week's Top Five Stories in Cyber

Unit 42 Shows How Iranian Hackers Hide Behind Job Postings

In modern warfare, a large part of the fighting is done away from the battlefield. Cyberspace is now a frontier of war, alongside land, sea, air and space.

This is certainly the case for the unfolding conflict in the Middle East. Researchers have uncovered an Iranian advanced persistent threat (APT) group in action targeting organisations across the US, Israel and UAE.

Palo Alto Networks’ Unit 42 stumbled upon a sophisticated cyber espionage campaign linked to Screening Serpens – who also go by aliases such as Smoke Sandstorm, Iranian Dream Job and UNC1549.

The latest findings from Unit 42 points to the threat group deploying six new remote access Trojan (RAT) variants deployed between February and April 2026.

Researchers believe additional entities across the Middle East may also have been affected.

CrowdStrike Dismantles Developer-Targeting Glassworm Botnet

In a year where software supply chain attacks dominated the cyber news cycle, the strategic takedown of the Glassworm botnet is welcome news for developers everywhere. 

Through a combined operation with Google and the Shadowserver Foundation, cybersecurity giant CrowdStrike successfully dismantled a sophisticated global botnet designed to withstand traditional takedown efforts. 

The effort led by CrowdStrike’s Counter Adversary Operations team targeted an advanced malware infrastructure that used four separate command and control channels to remain active even if parts of the network were disabled.

From early in 2025, Glassworm operators had been systematically targeting their prey of choice – developers, high value targets with access to source code repos, cloud, CI/CD pipelines and package registries.

A good target choice, as a single developer compromise could soon snowball into vast supply chain compromises impacting thousands of users and enterprises downstream. 

Zscaler Acquires Symmetry Systems to Map & Secure AI Agents

When enterprises started treating AI agents as a “new form of labour” they unwittingly plugged in autonomous privileged insiders across their sensitive stack. 

This agentic backdrop sets the scene for Zscaler’s decision, as it announces plans to acquire Symmetry Systems to strengthen enterprise AI security and accelerate the evolution of Zero Trust architecture. 

Zscaler will gain deeper visibility into how AI agents, applications and enterprise data interact across increasingly complex digital environments – this foundational visibility is key to governance.  

“As enterprises rapidly adopt AI, the old playbook for governing access built around users and directories cannot scale to millions of AI agents,” says Jay Chaudhry, Chairman and CEO of Zscaler. 

“With Symmetry Systems, we are adding the access graph that maps how every identity, application and data source connects across the enterprise.”

TCS Brings SovereignSecure Cloud to EU for AI Data Security

Cybersecurity teams across Europe face mounting pressure from two directions. Organisations want faster deployment of AI and cloud infrastructure, while regulators and threat landscapes demand stricter control over where sensitive data resides and who can access it.

Cloud migration has traditionally been discussed in terms of performance and cost. With data sovereignty now a compliance requirement, security architectures must adapt.

Security leaders are being asked to demonstrate that critical workloads can meet regulatory standards and withstand attacks without limiting operational speed. This requirement is creating demand for platforms that combine cloud infrastructure with jurisdictional control.

Sapthagiri Chapalapalli, Head of Europe at TCS, says: "European organisations are looking to strike a balance between addressing supply chain and sovereignty risks while ensuring leverage of frontier technologies to be globally competitive."

Fujitsu's Dual AI Deal: Claude for Defence & ChatGPT for Ops

Fujitsu has announced partnerships with both Anthropic and OpenAI. The Japanese technology equipment and services company will deploy different AI models for different operational requirements.

The approach could signal a shift away from single-vendor AI strategies. According to Fujitsu, the dual partnerships will allow the company to balance cyber defence and regulatory compliance against enterprise automation and industrial productivity.

Fujitsu will use Anthropic's Claude model family for domains where data sovereignty, regulatory compliance and security are required. These include government, finance, healthcare, defence and critical infrastructure.

Takahito Tokita, Representative Director and CEO of Fujitsu, says: "We see the rapid evolution and growth of AI as something that must be swiftly implemented in society and translated into value creation – this is a top priority for us as a technology company."