Nayatel A.I CyberSecurity Scoring
Nayatel
Company Information
Website:http://www.nayatel.com
Employees number:1,896
Number of followers:195,253
NAICS:517
Industry Type:Telecommunications
Homepage:nayatel.com
Nayatel Risk Score (AI oriented)
Between 750 and 799
NayatelTelecommunications
Updated:
21/04/2026
21/04/2026
750/1000
Fair
Baa
Nayatel Global Score (TPRM)
xxxx
NayatelTelecommunications
Score locked

NayatelFair
Current Score
750Baa (FAIR)
01000
1 incidents
-18 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
751
JUNE 2026
751
MAY 2026
750
APRIL 2026
750
MARCH 2026
749
FEBRUARY 2026
766
Cyber Attack
01 Feb 2026 • Nayatel
Nayatel: SideWinder Uses Fake Chrome PDF Viewer and Zimbra Clone to Steal Government Webmail Credentials
SideWinder APT Targets South Asian Governments in Sophisticated Phishing Campaign
748
CRITICAL-18
NAY1776759980
SideWinder APT Targets South Asian Governments in Sophisticated Phishing Campaign
The advanced persistent threat (APT) group SideWinder has launched a highly targeted phishing campaign against government and defense organizations in South Asia, including the Bangladesh Navy and Pakistan’s Ministry of Foreign Affairs. Active since at least February 2026, the operation employs a fake Chrome PDF viewer and a pixel-perfect clone of the Zimbra email login portal to harvest credentials.
### Attack Mechanics
The campaign begins with spearphishing links sent to targeted individuals. Victims are directed to a fake PDF viewer (using PDF.js v2.16.105) displaying a blurred diplomatic cable a real stolen document from Pakistan’s government related to the 152nd IPU Assembly in Istanbul. After five seconds, the page automatically redirects to a Zimbra login clone, which mirrors the legitimate Bangladesh Navy webmail portal (mail.navy.mil.bd).
The phishing kit, internally named Z2FA_LTS ("Zimbra 2FA Long-Term Support"), is a server-rendered Express.js application hosted on Cloudflare Workers. It employs several deceptive tactics:
- Reverse-proxied assets from the real Zimbra server to enhance authenticity.
- A forced session expiration error to prompt re-login.
- A double-submission trick, where the victim’s username is pre-filled after the first login attempt, tricking them into re-entering their password.
### Operational Security Failure
During analysis, researchers discovered a critical OPSEC lapse: a 500 error exposed a full Express.js stack trace, revealing the developer’s Linux username (moincox) and the kit’s internal name (Z2FA_LTS). The handle moincox has no public footprint on GitHub, npm, or other code repositories.
### Infrastructure & Attribution
Researchers, including @volrant136, @Huntio, and @malwrhunterteam, mapped seven distinct phishing Workers across two Cloudflare accounts (girlfriendparty42.workers.dev and malik-jaani786.workers.dev) over three months. Targets included:
- Bangladesh Navy (mail.navy.mil.bd)
- Pakistan’s Ministry of Foreign Affairs
- Nayatel (ISP)
- Bangladesh Computer Council
### Impact & Response
The campaign highlights SideWinder’s evolving tactics, including session management with rotating CSRF tokens and real-time asset mirroring to evade detection. Affected organizations have been urged to rotate credentials and report the infrastructure to Cloudflare Trust and Safety for takedown. The use of stolen diplomatic documents as lures underscores the group’s focus on high-value targets in the region.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
766
DECEMBER 2025
766
NOVEMBER 2025
766
OCTOBER 2025
766
SEPTEMBER 2025
766
AUGUST 2025
766
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Nayatel ??
What was Nayatel's A.I Rankiteo Cyber Score in June 2026 ??
What was Nayatel's A.I Rankiteo Cyber Score in May 2026 ??
What was Nayatel's A.I Rankiteo Cyber Score in April 2026 ??
What was Nayatel's A.I Rankiteo Cyber Score in March 2026 ??
What was Nayatel's A.I Rankiteo Cyber Score in February 2026 ??
What was Nayatel's A.I Rankiteo Cyber Score in January 2026 ??
What was Nayatel's A.I Rankiteo Cyber Score in December 2025 ??
What was Nayatel's A.I Rankiteo Cyber Score in November 2025 ??
What was Nayatel's A.I Rankiteo Cyber Score in October 2025 ??
What was Nayatel's A.I Rankiteo Cyber Score in September 2025 ??
What was Nayatel's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Nayatel's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Nayatel ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Nayatel's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?