Data Wiper
Broken VECT 2.0 ransomware acts as a data wiper for large files
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them. VECT has been advertised on one of the latest BreachForums iterations, inviting registered users to become affiliates, and distributing access keys via private messages to those […]
New Lotus data wiper used against Venezuelan energy, utility firms
A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela. The malware was uploaded to a publicly available platform in mid-December from a machine in Venezuela and has been analyzed by researchers at Kaspersky. Before the cripling stage, the attacker relies on two batch […]
Medtech giant Stryker fully operational after data-wiping attack
Stryker Corporation, one of the world’s leading medical technology companies, says it’s fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the Iranian-linked Handala hacktivist group. The Fortune 500 medtech giant has over 53,000 employees, makes a wide range of products (including neurotechnology and surgical equipment), and […]
Medtech giant Stryker offline after Iran-linked wiper malware attack
Leading medical technology company Stryker has been hit by a wiper malware attack claimed by Handala, an Iranian-linked and pro-Palestinian hacktivist group. The medtech giant manufactures a range of products, including surgical and neurotechnology equipment. With over 53,000 employees, Stryker is a Fortune 500 company that reported global sales of $22.6 billion in 2024. Handala says they […]
Exposed MongoDB instances still targeted in data extortion attacks
A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data. The attacker focuses on the low-hanging fruit, databases that are insecure due to misconfiguration that permits access without restriction. Around 1,400 exposed servers have been compromised, and the ransom note demanded a ransom […]
Sandworm hackers linked to failed wiper attack on Poland’s energy systems
A cyberattack targeting Poland’s power grid in late December 2025 has been linked to the Russian state-sponsored hacking group Sandworm, which attempted to deploy a new destructive data-wiping malware dubbed DynoWiper during the attack.. Sandworm (also tracked as UAC-0113, APT44, and Seashell Blizzard) is a Russian nation-state hacking group that has been active since 2009. […]
Sandworm hackers use data wipers to disrupt Ukraine’s grain sector
Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine’s education, government, and the grain sector, the country’s main revenue source. The attacks occurred in June and September, cybersecurity company ESET says in a report today, and continue Sandworm’s (a.k.a. APT44) string of destructive operations in Ukraine. As the name indicates, […]
Fake WhatsApp developer libraries hide destructive data-wiping code
Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code that recursively deletes files on a developer’s computers. Two malicious NPM packages currently available in the registry target WhatsApp developers with destructive data-wiping code. The packages, discovered by researchers at Socket, masquerade as WhatsApp socket libraries and were downloaded over 1,100 […]
Hackers breach Toptal GitHub account, publish malicious npm packages
Hackers compromised Toptal’s GitHub organization account and used their access to publish ten malicious packages on the Node Package Manager (NPM) index. The packages included data-stealing code that collected GitHub authentication tokens and then wiped the victims’ systems. Toptal is a freelance talent marketplace that connects companies with software developers, designers, and finance experts. The company also […]
U.S. warns of Iranian cyber threats on critical infrastructure
U.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure. CISA says there are no indications of an ongoing campaign but urges critical infrastructure organizations and other potential targets to monitor their defense due to the current unrest in the Middle East and cyber […]