Technology

Iran claims US exploited networking equipment backdoors during strikes — says devices from Cisco and others failed despite blackout in attack that 'indicates deep sabotage'

Source

Tom's Hardware

Published

Apr 22, 2026

TL;DR

AI Generated

Iran has accused the U.S. of exploiting networking equipment backdoors from Cisco, Juniper, Fortinet, and MikroTik during military operations against Iran. The Iranian media claims that these devices failed during the attacks despite Iran being disconnected from the global Internet, suggesting deep sabotage. While these claims are unverified, the U.S. has confirmed conducting cyber operations against Iran's communications infrastructure. The vendors named by Iran have had past security issues, with examples like NSA intercepting Cisco routers for surveillance implants and Juniper finding unauthorized code in its firmware. Chinese state media has supported Iran's claims, linking them to American backdoors in networking hardware.

Read Full Article

Crucial Taiwan undersea cable severed by old shipwreck — backup microwave communications activated to keep population connected

A shipwreck off Dongyin island in Taiwan has severed the undersea cable connecting it to Beigan Island, prompting the activation of backup microwave communications to maintain connectivity for the 1,500 residents. The Matsu Islands' strategic location near mainland China and the Taiwan Strait makes them crucial for Taiwan's military presence. While this incident was due to natural causes, it underscores Taiwan's vulnerability in its global connections. Recent suspicions of deliberate undersea cable damage by Chinese ships have led Taiwan to increase defensive measures and penalties for sabotage attempts. Despite wireless backups, physical undersea cables remain essential for reliable and high-bandwidth internet connections.

Tom's Hardware•

1 day ago

With $1 Cyberattacks on the Rise, Durable Defenses Pay Off

As cyberattacks that cost as little as $1 become more prevalent, the importance of robust cybersecurity defenses is highlighted. The article emphasizes the significance of writing memory-safe code over relying solely on patching vulnerabilities. Experts Evan Johnson and Justin Cappos from New York University stress the need for durable defenses in the face of rapid and powerful cyberattacks facilitated by large language models like Anthropic’s Claude Mythos. They suggest that a comprehensive approach beyond generative AI is essential for effective cyberdefense.

IEEE Spectrum•

1 day ago

Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

Security firm Checkmarx has been targeted in a series of supply-chain attacks over the past six weeks, with malware being pushed to customers through compromised accounts. The attacks began with the breach of the Trivy vulnerability scanner, leading to malware being distributed to Checkmarx users. Checkmarx's GitHub account was also compromised, leading to the dissemination of malware to its users. The company faced additional malware pushes, indicating ongoing security challenges. A ransomware group known as Lapsu$ recently dumped Checkmarx's private data on the dark web, suggesting persistent access by attackers.

Ars Technica•

2 days ago

Ransomware accidentally destroys all files larger than 128KB, preventing decryption — VECT code likely partly vibe coded with AI or used an old code base, security researchers suggest

The VECT ransomware, discovered in December 2025, contains a critical bug that turns it into a wiper, destroying files larger than 128KB and preventing decryption. Check Point Research found that the ransomware's flawed programming causes irreversible damage to encrypted files, rendering payment to unlock data ineffective. The ransomware's code also exhibits various other issues, leading researchers to speculate that it may have been partly generated with AI or based on outdated code. Despite these flaws, the group behind VECT appears sophisticated, with multi-platform capabilities and partnerships with other threat actors. The researchers warn that the group could potentially fix these issues and release a more effective version in the future, leveraging its existing distribution system to infect more systems.