A self-propagating malware campaign has infected open source software repositories and caused significant damage to computer systems based in Iran, according to cybersecurity researchers.

The malware appears designed to spread through software development environments and supply chains by compromising open source code repositories. Once installed, the malicious code can propagate to other systems and networks connected to infected development environments.

Systems located in Iran have reportedly experienced data wiping and other destructive effects from the malware. The geographic targeting suggests the attack may have geopolitical motivations, though the specific actors behind the campaign have not been identified.

Cybersecurity experts are advising software development organizations to immediately audit their networks and repositories for signs of infection. The incident highlights ongoing vulnerabilities in open source software supply chains that can be exploited to distribute malware at scale.

The attack represents a significant escalation in supply chain targeting, as compromising widely-used open source components can potentially affect numerous downstream users and organizations that rely on the infected software.