News Grower

Independent coverage of AI, startups, and technology.

Language English Russian
Ars Technica Mar 24, 2026 at 12:38 Big Tech Stable Warm

Self-propagating malware poisons open source software and wipes Iran-based machines

Development houses: It's time to check your networks for infections.

Signal weather

Stable

The story has moved beyond the first headline and now acts as a reliable context anchor.

By Dan Goodin Original source
Self-propagating malware poisons open source software and wipes Iran-based machines

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before-seen backdoor—and curiously a data wiper that targets Iranian machines. The group, tracked under the name TeamPCP, first gained visibility in December, when researchers from security firm Flare observed it unleashing a worm that targeted cloud-hosted platforms that weren’t properly secured. The objective was to build a distributed proxy and scanning infrastructure and then use it to compromise servers for exfiltrating data, deploying ransomware, conducting extortion, and mining cryptocurrency. The group is notable for its skill in large-scale automation and integration of well-known attack techniques. Relentless and constantly evolving More recently, TeamPCP has waged a relentless campaign that uses continuously evolving malware to bring ever more systems under its control. Late last week, it compromised virtually all versions of the widely used Trivy vulnerability scanner in a supply-chain attack after gaining privileged access to the GitHub account of Aqua Security, the Trivy creator. Read full article Comments

Read the full article

Stay on the signal

Follow Self-propagating malware poisons open source software and wipes Iran-based machines

Follow this story beyond a single article: new follow-ups, adjacent sources, and the evolving storyline.

We send a confirmation link first, then only meaningful digests.

Story map

Understand this topic fast

A quick entry into the story: why it matters now, who is involved, and where to go next for context.

Why it matters now

This story is still moving and pulling follow-up coverage.
There are already 6 connected articles in the same storyline to continue from here.
The story keeps orbiting around Ars Technica, Development, and Development Houses, so the entity pages are the fastest way to build context.
Ars Technica already has 4 follow-up stories on the same theme.

Topic constellation

Open the live map for this story

See which entities, story threads, sources, and follow-up articles shape this story right now.

Click nodes to continue

Entity Cluster Article Hub Source

Entity pages

Ars Technica Development Development Houses Infections Iran-based Iran Based Machines

Story threads

Ars Technica

Latest coverage and related links about Ars Technica.

Ars Technica

Последние материалы и связанный контекст по теме Ars Technica.

Development

Latest coverage and related links about Development.

Development

Последние материалы и связанный контекст по теме Development.

Story timeline

Continue with this story

A short sequence of events and follow-up stories to understand the arc quickly.

May 8, 2026 at 15:46 Ars Technica

Engineers at NASA's Jet Propulsion Lab make a breakthrough in rotor technology

Testing shows rotor blades won't disintegrate when they spin at supersonic speed.
May 8, 2026 at 15:00 Ars Technica

Which Macs are suffering from shortages—and where are things getting worse?

There are a couple signs of strain beyond the MacBook Neo and the desktops.
May 8, 2026 at 14:23 Ars Technica

How climate change makes your allergies worse

As pollen season worsens, allergies compound with other climate health hazards.
May 8, 2026 at 14:11 Ars Technica

The Nintendo Switch 2 is getting more expensive later this year

"Changes in market conditions" lead to $50 price bump on Sept. 1.
May 8, 2026 at 13:59 Ars Technica

The US military just released a bunch of UAP files, but there's no there there

Here at Ars Technica, we do not preclude the possibility that aliens have visited Earth.
Mar 24, 2026 at 12:38 Ars Technica

Self-propagating malware poisons open source software and wipes Iran-based machines

Development houses: It's time to check your networks for infections.

How reliable this looks

Signal and trust for Ars Technica

This source works at a rapid pace: 100% of recent stories land in the hot window, and 0% carry visible search signal.

Trusted

Reliability

92

Freshness

100

Sources in storyline

1

Related articles

More stories that share tags, source, or category context.

More from Ars Technica

Fresh reporting and follow-up coverage from the same newsroom.

Open source page