Originally reported by Security Affairs, The Record
TL;DR
Iranian cyber actors launched coordinated attacks against medical device manufacturer Stryker and Albania's parliament email systems, while Meta disrupted a separate Iranian influence operation using fake Instagram personas to target US users.
Multiple coordinated Iranian cyber operations targeting critical medical infrastructure and government systems, with confirmed operational disruption at major healthcare provider Stryker.
Multiple Iranian-linked cyber operations have emerged this week, targeting both critical medical infrastructure and government systems while conducting influence campaigns on social media platforms.
Medical technology manufacturer Stryker confirmed a cyberattack that has disrupted global operations, according to The Record. Pro-Palestinian hacktivist group Handala claimed responsibility for the attack, alleging it wiped 200,000 systems across the company's infrastructure.
Employees and contractors reported that devices were completely wiped during the attack, which occurred early Wednesday. The timing coincides with the group's stated retaliation for U.S. and Israeli strikes on Iran, highlighting the geopolitical motivations behind the operation.
Stryker's systems remain offline as the company works to restore operations. The attack represents a significant escalation in targeting critical medical infrastructure that directly impacts patient care capabilities.
Iran-linked hackers successfully compromised Albania's parliamentary email systems, according to The Record. While the parliament's main systems and official website remained operational, internal email services used by parliamentary administration were temporarily suspended.
The attack continues a pattern of Iranian cyber operations targeting Albanian government infrastructure. Albania has previously severed diplomatic ties with Iran over cyber operations, making it a consistent target for Iranian threat actors.
Meta disrupted an Iranian influence operation that used sophisticated fake personas on Instagram to build relationships with U.S. users before introducing political messaging, The Record reported. The operation represents an evolution in Iranian influence tactics, focusing on long-term relationship building rather than immediate propaganda dissemination.
The campaign targeted American users specifically, indicating Iran's continued interest in influencing U.S. political discourse through social media manipulation.
Bell Ambulance, Wisconsin's largest ambulance provider, disclosed that a February 2025 cyberattack affected approximately 235,000 individuals. The breach exposed Social Security numbers, driver's license numbers, financial accounts, medical information, and health insurance data.
The company serves communities with urgent medical response and interfacility transfers, making the breach particularly concerning for ongoing patient care coordination. The timing suggests potential coordination with other healthcare targeting campaigns.
Meta reported removing 159 million scam advertisements in the previous year amid congressional scrutiny over the company's role in facilitating fraudulent advertising. U.S. lawmakers have called for investigations into Meta's profiting from scam ads, highlighting the ongoing tension between platform monetization and user protection.
The European Union Agency for Cybersecurity (ENISA) released its first Technical Advisory on Secure Package Managers, providing developers with guidance for safely consuming third-party packages. The March 2026 document (v1.1) incorporated feedback from 15 stakeholder contributions, addressing critical supply chain security concerns in software development.
The advisory focuses on DevSecOps practices essential for preventing package-based attacks, which have become increasingly common in nation-state operations targeting software supply chains.
Originally reported by Security Affairs, The Record