A new cybercriminal group, Nasir Security, believed to be associated with Iran, is targeting energy organizations in the Middle East. They focus on attacking supply chain vendors involved in engineering, safety, and construction. The group emerged in October 2025 and has claimed attacks on various energy sector companies, including Dubai Petroleum, CC Energy Development, and Al-Safi Oil Company. However, their claims are likely exaggerated, and the actual breaches appear to be of third-party contractors. The group's tactics include business email compromise, spear phishing, and exploiting public-facing applications. Their activities are seen as part of a broader Iranian strategy to conduct cyberattacks and spread misinformation during ongoing geopolitical conflicts.