KrebsOnSecurity reported the emergence of CanisterWorm, a wiper malware specifically designed to disrupt Iranian critical infrastructure. The worm employs a sophisticated multi‑stage loader to conceal its payload and quickly erases data on compromised systems.

The destructive wiping routines have propagated rapidly across critical industrial systems, creating the potential for irreversible operational damage in sectors such as energy and manufacturing.

Defenders should reinforce backup strategies, isolate critical networks, and deploy advanced endpoint detection capable of identifying multi‑stage loaders before they activate.