:

ANCIENT MALWARE PREDATES STUXNET IN IRAN NUCLEAR PLOT

SECURITY DESK1 MIN READ
THU, APR 23, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Researchers have deciphered Fast16, a sophisticated sabotage malware created in 2005 that likely targeted Iran's nuclear program years before the infamous Stuxnet attack. The discovery suggests a coordinated cyber campaign against Tehran's atomic facilities.

Security researchers cracked Fast16, mysterious code designed to silently corrupt calculations and simulations in industrial software. The malware predates Stuxnet—the 2010 worm widely attributed to US and Israeli intelligence—by five years. Fast16 was engineered to tamper with computational processes without triggering detection, making it ideal for sabotaging nuclear research. Experts believe US intelligence or an allied nation deployed the code, though no official confirmation exists. The discovery reveals a longer history of cyber operations targeting Iran's nuclear infrastructure than previously known. It suggests multiple coordinated attacks spanning years, not a single strike. Researchers indicate Fast16 could have impacted simulations used in nuclear weapons development or reactor operations. The finding underscores how early-stage cyber warfare was deployed against strategic targets long before such tactics became commonplace.

■ SOURCES

Wired

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

5H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

5H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

10H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.