Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team CERT Polska’s Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actors targeted and compromised operational...

Poland Thwarts Russian Wiper Malware Attack on Power Plants

Poland blocked a Russian wiper malware attack on power and heating plants, officials say, avoiding outages during winter and prompting tighter cyber rules...

Hackers Use Fake ESET Emails to Target Israeli Firms with Wiper Malware

Hackers impersonate ESET in phishing attacks targeting Israeli organizations. Malicious emails, claiming to be from ESET, deliver wiper…...

Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel

An Iranian threat actor affiliated with the Ministry of Intelligence and Security MOIS has been attributed as behind destructive wiping attacks targeting Albania and Israel under the personas Homeland Justice and Karma, respectively. Cybersecurity firm Check Point is tracking the activity under t...

Apple Chip Flaw Leaks Secret Encryption Keys

Plus: The Biden administration warns of nationwide attacks on US water systems, a new Russian wiper malware emerges, and China-linked hackers wage a global attack spree...

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

The U.S. Treasury Department's Office of Foreign Assets Control OFAC announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi...

Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware

The recent wave of cyber attacks targeting Albanian organizations involved the use of a wiper called No-Justice. The findings come from cybersecurity company ClearSky, which said the Windows-based malware "crashes the operating system in a way that it cannot be rebooted." The intrusions have been...

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector

Organizations in the Defense Industrial Base DIB sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach...

Iranian Hackers Launch Destructive Cyber Attacks on Israeli Tech and Education Sectors

Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware. The intrusions, which took place as recently as October, have been attributed to an Iranian...

Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware

A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst the ongoing Israeli-Hamas war. "This malware is an x64 ELF executable, lacking obfuscation or protective measures," Security Joes said in a new report...

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine CERT-UA. The emails, per the agency, are sent using compromised accounts and come with a ZIP...

New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector

The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. "The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting...

Ransomware and wiper signed with stolen certificates

Introduction On July 17, 2022, Albanian news outlets reported a massive cyberattack that affected Albanian government e-services. A few weeks later, it was revealed that the cyberattacks were part of a coordinated effort likely intended to cripple the countrys computer systems. On September 10,...

Ukraine's DELTA Military System Users Under Attack from Info Stealing Malware

The Computer Emergency Response Team of Ukraine CERT-UA this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed...

Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware

A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices and courts. "Although it disguises itself as a ransomware and extorts money from the victim for 'decrypting' data, it does not actually encrypt, but purposefully destroys data ...

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security MOIS and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor...

Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government

A threat actor working to further Iranian goals is said to have been behind a set of damaging cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the malicious activity against a NATO state represented a "geographic expansion of Iranian disruptive...

EMEAR Monthly Talos Update: Wiper malware

Cisco Talos and Cisco Secure are launching a new video series to fill you in on the latest cybersecurity trends. We’re thrilled to launch our first video in the new Talos Threat Update series, which you can watch above or over at this link, where Martin Lee and Hazel Burton talk about wiper... Th...

Microsoft Issues Report of Russian Cyberattacks against Ukraine

Microsoft has a comprehensive report on the dozens of cyberattacks -- and even more espionage operations -- Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat APT actors and other unattributed threats, have conducted destructive attacks,...

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems

The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne. The findings come a day after th...