VulnHub

Real-time Cybersecurity News

Iran Claim Massive Cyber-Attack on MedTech Firm Stryker

Infosecurity Magazine
Actively Exploited
MalwareCritical

Overview

The pro-Iran hacking group Handala has claimed responsibility for a significant cyber-attack on the U.S. medical technology firm Stryker. They assert that they have deployed destructive wiper malware that has wiped out approximately 200,000 systems within the company. This attack raises concerns about the security of critical healthcare infrastructure, as Stryker is known for its medical devices and equipment. The incident highlights the ongoing risks faced by organizations in the healthcare sector from state-sponsored cyber threats. As healthcare systems increasingly rely on digital solutions, the potential for disruption and data loss becomes more pronounced, making it essential for companies to bolster their cybersecurity measures.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Stryker Corporation systems, potentially affecting medical devices and healthcare infrastructure.
  • Action Required: Companies should enhance their cybersecurity protocols, conduct regular system backups, and ensure that all software is updated to the latest security standards.
  • Timeline: Newly disclosed

Original Article Summary

The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker

Impact

Stryker Corporation systems, potentially affecting medical devices and healthcare infrastructure.

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Companies should enhance their cybersecurity protocols, conduct regular system backups, and ensure that all software is updated to the latest security standards.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Malware, Critical.

Read Original Article

Related Coverage

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

The Hacker News

A new cyber campaign has emerged, targeting cryptocurrency firms through deceptive recruitment tactics and custom malware designed for macOS systems. Researchers from Wiz have identified this threat actor, known as JINX-0164, which employs social engineering to lure victims into downloading malicious software. The malware is tailored to exploit continuous integration and continuous deployment (CI/CD) infrastructures, increasing the risk of digital asset theft for affected organizations. As cryptocurrency firms often handle significant amounts of valuable digital assets, these attacks could lead to substantial financial losses and damage to their reputations. Companies in the crypto space need to be vigilant and enhance their security measures to protect against these sophisticated threats.

May 28, 2026

19.6 Billion Files Are Sitting Open on the Internet. No Password Required

Security Affairs

A recent study by Mysterium VPN revealed that an astonishing 19.6 billion files are publicly accessible on the internet due to misconfigured cloud storage buckets. Among these files, there are around 685,000 credential files and nearly 1 million database dumps. This situation exposes sensitive information and undermines the common belief that data stored with companies is secure. The findings raise significant concerns about data privacy and security, emphasizing that many organizations may not be adequately protecting their data. It’s crucial for companies to review their cloud configurations to prevent unauthorized access to sensitive information.

May 28, 2026

Police arrest suspect in Ajax football club hack that exposed 300,000 fan records

Help Net Security

A 35-year-old man from Buren, Netherlands, has been arrested by the Dutch National Police for hacking into AFC Ajax's computer systems. The investigation began after the football club discovered that its systems had been accessed without authorization, leading to the exposure of personal records for approximately 300,000 fans. The suspect is believed to have gained unauthorized access multiple times. This incident raises concerns about the security of fan data in sports organizations and the potential risks associated with such breaches. As data privacy becomes increasingly important, this case underscores the need for sports clubs to enhance their cybersecurity measures to protect sensitive information.

May 28, 2026

Nordic CISOs Handle Rising Cyber Threats Remarkably Well

darkreading

Despite the growing concerns around cybersecurity, a recent survey of Chief Information Security Officers (CISOs) in northern Europe found that most are not experiencing a significant increase in cyberattacks compared to two years ago. This suggests that while the threat of cyber incidents remains, the situation for many organizations has stabilized. The findings indicate that companies have likely adapted their defenses and strategies against potential attacks, even with the rise of artificial intelligence in cyber operations. Understanding this trend is important for businesses as it helps inform their security postures and resource allocations. Overall, the report provides a snapshot of the current state of cybersecurity in northern Europe, demonstrating resilience in the face of evolving threats.

May 28, 2026

Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years

Securelist

Recent research has uncovered a long-running cybercrime operation targeting fans of pirated books, movies, and TV shows. In 2026, experts identified new websites associated with this gang, attracting tens of millions of visitors. These sites have been linked to malware distribution, including a Remote Access Trojan (RAT) that allows attackers to control infected devices. This situation poses significant risks for users who access these pirated materials, as they may unknowingly download harmful software. It's crucial for consumers to be aware of these dangers and consider the security implications of engaging with pirated content.

May 28, 2026

FBI warns law firms of in-person data theft by Silent Ransom Group

SCM feed for Latest

The FBI has issued a warning to law firms about a new tactic being used by the Silent Ransom Group (SRG) to steal sensitive data. These attackers are impersonating IT support staff and reaching out to victims through phone calls or phishing emails, aiming to gain access to their systems via remote desktop sessions. This method is particularly concerning for law firms, which often handle confidential information. If successful, these attacks could lead to significant data breaches, putting client information at risk. The FBI emphasizes the need for firms to be vigilant and to verify the identity of anyone requesting remote access to their systems.

May 27, 2026