News Grower

Independent coverage of AI, startups, and technology.

Language English Russian
Ars Technica Mar 24, 2026 at 12:38 Big Tech Stable Warm

Self-propagating malware poisons open source software and wipes Iran-based machines

Development houses: It's time to check your networks for infections.

Signal weather

Stable

The story has moved beyond the first headline and now acts as a reliable context anchor.

By Dan Goodin Original source
Self-propagating malware poisons open source software and wipes Iran-based machines

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before-seen backdoor—and curiously a data wiper that targets Iranian machines. The group, tracked under the name TeamPCP, first gained visibility in December, when researchers from security firm Flare observed it unleashing a worm that targeted cloud-hosted platforms that weren’t properly secured. The objective was to build a distributed proxy and scanning infrastructure and then use it to compromise servers for exfiltrating data, deploying ransomware, conducting extortion, and mining cryptocurrency. The group is notable for its skill in large-scale automation and integration of well-known attack techniques. Relentless and constantly evolving More recently, TeamPCP has waged a relentless campaign that uses continuously evolving malware to bring ever more systems under its control. Late last week, it compromised virtually all versions of the widely used Trivy vulnerability scanner in a supply-chain attack after gaining privileged access to the GitHub account of Aqua Security, the Trivy creator. Read full article Comments

Read the full article

Stay on the signal

Follow Self-propagating malware poisons open source software and wipes Iran-based machines

Follow this story beyond a single article: new follow-ups, adjacent sources, and the evolving storyline.

We send a confirmation link first, then only meaningful digests.

Story map

Understand this topic fast

A quick entry into the story: why it matters now, who is involved, and where to go next for context.

Why it matters now

This story is still moving and pulling follow-up coverage.
There are already 6 connected articles in the same storyline to continue from here.
The story keeps orbiting around Ars Technica, Development, and Development Houses, so the entity pages are the fastest way to build context.
Ars Technica already has 4 follow-up stories on the same theme.

Topic constellation

Open the live map for this story

See which entities, story threads, sources, and follow-up articles shape this story right now.

Click nodes to continue

Entity Cluster Article Hub Source

Entity pages

Ars Technica Development Development Houses Infections Iran-based Iran Based Machines

Story threads

Ars Technica

Latest coverage and related links about Ars Technica.

Ars Technica

Последние материалы и связанный контекст по теме Ars Technica.

Development

Latest coverage and related links about Development.

Development

Последние материалы и связанный контекст по теме Development.

Story timeline

Continue with this story

A short sequence of events and follow-up stories to understand the arc quickly.

Jun 22, 2026 at 21:52 Ars Technica

GM installs robots at flagship EV factory after laying off 1,300 workers

US autoworkers union warns of robot automation as dark factory future looms.
Jun 22, 2026 at 21:02 Ars Technica

Man used massage gun on his tired eyeballs. It went as well as you'd expect.

He had retinal tears and bruises from squishing his eyeballs with the gun.
Jun 22, 2026 at 19:47 Hacker News

Jobs and Software Is Fucked

Comments
Jun 22, 2026 at 19:16 Ars Technica

Following user outcry, AMD reinstates memory encryption in consumer CPUs

Critics saw the move as an underhanded way to steer them toward more costly chips.
Jun 22, 2026 at 19:02 Ars Technica

Valve's Steam Machine ships June 29 for $1,049, but you probably won't be able to buy one yet

Valve says it's using a randomized purchase queue to make the experience "less frustrating and more fair."
Mar 24, 2026 at 12:38 Ars Technica

Self-propagating malware poisons open source software and wipes Iran-based machines

Development houses: It's time to check your networks for infections.

How reliable this looks

Signal and trust for Ars Technica

This source works at a rapid pace: 100% of recent stories land in the hot window, and 0% carry visible search signal.

Trusted

Reliability

92

Freshness

100

Sources in storyline

2

Related articles

More stories that share tags, source, or category context.

More from Ars Technica

Fresh reporting and follow-up coverage from the same newsroom.

Open source page