We recently obtained JackalControl C2 communications from a campaign targeting government entities in Iran, active until early April 2023. The most remarkable findings Early in June, we issued an early warning of a long-standing campaign that we track under the name Operation Triangulation, involving a previously unknown iOS malware platform distributed via zero-click iMessage exploits. Southeast Asia and Korean Peninsula In early September 2022, our team discovered several malware detections from the MATA cluster, previously attributed to the Lazarus group, targeting defense contractors in Eastern Europe. While the threat actor has mostly deployed Plink to establish tunnels between malicious infrastructure and targeted servers, it also leveraged the open-source tool “bore”, written in Rust.